MADRID (AP) — The cellphones of Spain’s prime minister and defense minister were infected last year with Pegasus spyware, which is available only to countries’ government agencies, authorities announced Monday.
Prime Minister Pedro Sánchez’s mobile phone was breached twice in May 2021, and Defense Minister Margarita Robles’ device was targeted once the following month, Cabinet Minister Félix Bolaños said.
The breaches, which resulted in a significant amount of data being obtained, were not authorized by a Spanish judge, which is a legal requirement for national covert operations, Bolaños said at a hastily convened news conference in Madrid.
“We have no doubt that this is an illicit, unauthorized intervention,” Bolaños said. “It comes from outside state organisms and it didn’t have judicial authorization.”
The Socialist-led government was during those months under intense scrutiny over its handling of a major foreign policy spat with Morocco and gripped by a tense domestic dispute over the release of jailed separatists from Spain’s restive Catalonia region.
Bolaños refused to speculate who might have been behind the Pegasus breach, nor what might have prompted it. The National Court opened an investigation into the breach, and a parliamentary committee on intelligence affairs was set to look into it.
In May 2021, more than 8,000 migrants forced their way into Spain’s North African enclave of Ceuta from Morocco by scaling a border fence or swimming around it. Spain deployed troops and armored vehicles there to stop more migrants getting into its territory.
That crisis came as Rabat and Madrid were at odds over Spain agreeing to provide COVID-19 care to a prominent Sahrawi leader fighting for the independence of Western Sahara, a territory once under Spanish control that Morocco annexed in the 1970s.
Moroccan authorities denied they encouraged mass migration into Ceuta, which came as Spain struggled to cope with tens of thousands of migrants arriving from Africa.
Before Monday’s announcement, the government was already under pressure to explain why the cellphones of dozens of people connected to the separatist movement in the northeastern Catalonia region were infected with Pegasus between 2017 and 2020.
The Catalan dispute, with separatists wanting to break away from Spain and activists staging occasionally violent street protests, has dogged Spanish governments for decades.
The spyware revelations — by Citizen Lab, a cybersecurity group of experts affiliated with the University of Toronto — involve at least 65 people, including elected officials, lawyers and activists linked to Catalonia.
They were targeted with the software of two Israeli companies, Candiru and NSO Group, the developer of Pegasus. The spyware silently infiltrates phones or other devices to harvest data and potentially spy on their owners.
The regional Catalan government has accused Spain’s National Intelligence Center, or CNI, of spying on separatists, and declared that relations with national authorities were “on hold” until full explanations are offered and those responsible are punished.
The conservative Popular Party, or PP, was in office in 2017, when Catalan separatists declared independence following an unauthorized referendum, although no further action was taken to execute the declaration. The PP remained in power until mid-2018, when they were ousted by Sánchez in a parliamentary vote.
The spying case is disrupting Spanish politics. ERC, the main political party in Catalonia and a crucial ally of the current government, has called for the resignation of Robles, the defense minister. But the spying scandal has left them exposed to the pressure of more radical separatists, who are calling on ending the support for Sánchez’s left-to-center coalition in the national parliament.
The central government has attempted to address their concerns with pledges of full transparency, announcements of plans for an internal probe by the country’s intelligence agency, and a separate investigation by Spain’s ombudsman.
A special parliamentary commission on state secrets has also been established and the head of CNI is expected to be questioned by lawmakers later this week, although discussions around state security issues are not meant to be publicized.
Barry Hatton in Lisbon, Portugal, contributed to this story.