With the government accusing WhatsApp of not informing it on time and with details that personal data of Indians was compromised by a spyware, a spokesperson for the Facebook-owned instant messaging app said it regrets that it did not meet the “Governments expectations for proactive engagement on these issues.”
The Computer Emergency Response Team (CERT-In) had published a vulnerability note on May 17 advising countermeasures to users about a vulnerability in WhatsApp, according to Union Information and Technology Minister Ravi Shankar Prasad.
WhatsApp reported an incident to the CERT-In on May 20, the Minister said.
The Minister said that WhatsApp wrote to CERT-In again on September 5 mentioning an update to the security incident reported in May 2019, that while the full extent of this attack may never be known, WhatsApp continued to review the available information.
Prasad said WhatsApp has informed the government that the spyware Pegasus was developed by the Israel based NSO Group which had used the spyware to attempt to reach the mobile phones of a possible 1,400 users globally that includes 121 users from India.
Responding to allegations that WhatsApp did not provide adequate details clearly, the messaging platform’s spokesperson said that it would “strive to do better”.
“WhatsApp considers it a privilege to serve and carry the trust of more than 400 million people in India. We are deeply committed to protecting the privacy of our users in India by providing industry-leading security for all messages and calls and by staying ahead of advanced threats to user security,” the WhatsApp spokesperson said in a statement.
“The Government also plays a critical role here and we are committed to continuing to engage them in a timely manner on sensitive issues related to user privacy and security,” the statement added.
“We look forward to working with the Government to address their appropriate concerns and provide the best possible protections to all those who rely on WhatsApp to communicate.”