top of page

The Lowdown Hub

The government and Mexico’s traditional political espionage went high-tech

Victims say the use of Pegasus spyware through 2017 had a chilling effect on journalists and human rights workers. The government says it halted the practice, but questions remain.

The phone numbers of dozens of people close to Mexican President Andrés Manuel López Obrador appeared on a list that included some selected for surveillance since 2016 by clients of NSO Group, an Israeli security company. (Luis Antonio Rojas/Bloomberg News)

MEXICO CITY — In 2017, investigators discovered traces of Pegasus spyware on the phones of several Mexican journalists and civic activists. The government acknowledged it had used Pegasus — but only, officials said, to fight criminals. Amid the backlash, the Justice Ministry stopped using the surveillance tool.

Four years later, Pegasus has become the most prominent symbol of an explosion of high-tech political spying in Mexico. And yet the mystery around its use has only deepened. The Justice Ministry told a government watchdog agency in 2019 that it had uninstalled the spyware licensed by the Israeli-based NSO Group — but it had no records of how or when, or what happened to any data collected. Mexican federal prosecutors are investigating the alleged abuse of the hacking tool.

A new investigation by The Washington Post and 16 media partners are raising further questions about the use of Pegasus in this young democracy. The investigation has found evidence of the spyware in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, and business people around the world. Their numbers appear on a list of more than 50,000 numbers concentrated in countries known to have been clients of NSO.

Nearly one-third of the numbers are in Mexico, all from 2016 and 2017. The team of journalists identified and verified more than 400 of them. They include phone contacts for dozens of people close to then-presidential candidate Andrés Manuel López Obrador: top advisers, his wife, three of his sons, his brothers, his drivers — even his cardiologist. Scores of numbers for other top politicians appeared, as well as those for union representatives, journalists, and civic activists. Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International, a human rights group, had access to the list and shared it with the news organizations, which did further research and analysis. Amnesty’s Security Lab did the forensic analyses on the smartphones.

Read key takeaways from the Pegasus Project It is not known how many of the Mexican phones were selected for surveillance or how many were successfully targeted. The consortium did not verify additional infections in Mexico but did identify attempted penetrations in the phones of a Mexican magazine reporter and a broadcast journalist’s assistant whose numbers were on the list. Analysis of the phones of a human rights defender and a former prosecutor on the list were inconclusive; both had replaced the phones they used in 2016 and 2017, making detection of any hacking attempt more difficult.