Many US State Department employees had their phones hacked and tracked using Israeli software
At least nine US State Department employees using iPhones were attacked by an unknown attacker using surveillance software produced by the Israeli company NSO.
![]() |
A simulated image of a smartphone with the NSO Company website displayed on the screen. Photo: AFP |
Reuters quoted four people familiar with the matter as saying that the attacks occurred consecutively over the past few months and targeted US diplomatic staff working in Uganda or related to this East African country.
The first documented incident in Uganda is the most widely reported attack on the phones of US officials using NSO’s Pegasus software. A list of potential targets, including several US officials, had previously emerged when media reports about Pegasus emerged, but it was unclear whether the intrusions were successful.
Responding to this information, an NSO representative said the company had no indication that its tools had been used in the latest series of phone attacks, but they had revoked access to the relevant customers and would conduct an investigation based on Reuters' report.
NSO has long said it only sells its technology to intelligence and law enforcement clients to help them monitor security threats, and does not directly engage in surveillance operations.
The Ugandan Embassy in Washington and Apple representatives both declined to comment on the matter. However, last month, the US Department of Commerce decided to add the Israeli technology company to its entity list, limiting the ability of US companies to cooperate.
According to Reuters, NSO software is not only capable of recording encrypted messages, photos and other sensitive information of infected phones, but also turns them into recording devices to monitor the surrounding environment.
Apple's warning to affected users did not name the author of the spyware used in the phone hack.
However, two sources said Apple sent notices to customers in multiple countries, including US citizens, and they were easily identified as government employees because the email addresses associated with their Apple IDs ended in state.gov.
Since at least February 2021, an Apple software bug has allowed some users of NSO's technology to take control of iPhones simply by sending "invisible" requests via iMessage.
Victims do not see or need to interact with this command for the intrusion to be successful. Soon after, versions of NSO's Pegasus surveillance software are installed on the victim's phone.
Apple sent a notice to customers last week, the same day it filed a lawsuit against NSO, accusing the company of enabling customers to hack into Apple's iOS operating system.
In a public response, NSO said its technology helps prevent terrorism and that it has installed numerous controls to limit surveillance purposes to innocent targets.
For example, NSO says its hacking system cannot work on phones with US phone numbers that begin with the country code +1.
But in the Uganda case, the targeted State Department employees were using iPhones registered to foreign phone numbers without U.S. country codes, two sources said.