The Government does not know how many British users may have been affected by a “terrifying” WhatsApp security breach, MPs have heard.
Shadow digital secretary Tom Watson warned a security flaw in the messaging app could be used by states to monitor human rights groups.
Digital Minister Margot James said the likelihood of there being UK victims of the attack is being investigated but said, as yet, there is no information about how many people could have been targeted.
Asking an urgent question in the Commons, Mr Watson said: “Another day, another serious, major data breach from a Mark Zuckerberg company.”
He added the spyware, called Pegasus, had been created by an Israeli security company, the NSO Group.
The West Bromwich East MP said the malicious software is transmitted via a phone call and is then able to access “everything”.
Mr Watson said: “It can even use the phone’s camera and microphone to record the user’s surroundings. That is terrifying.”
He added 1.5 billion people worldwide use WhatsApp, with millions of users in the UK.
The attack could have been carried out by a “state actor”, he said.
For the Government, Ms James replied: “I agree that these transgressions are happening far too frequently.”
She said Digital Secretary Jeremy Wright has already raised his “deep concern” with former Liberal Democrat leader Sir Nick Clegg, who is now the global head of public affairs for Facebook, which owns WhatsApp.
Ms James added: “I share the concerns that this type of attack could be used by a state to monitor human rights activists.”
Responding to questions of how many UK users may have been affected, Ms James said the National Cyber Security Centre (NCSC) is investigating and the advice from WhatsApp is to install the newest updates of the app.
She said: “I am assured by the NCSC that the advice they are giving at the moment is what we should all be following, and they are investigating the likelihood of any UK users having been victims of this latest attack but, as yet, I don’t have any further information on that particular point to inform the House.”
Conservative MP Rebecca Pow (Taunton Deane) said people largely believed WhatsApp was a “safe app” before adding: “Now we suddenly discover perhaps it isn’t after all. This is deeply worrying.”
She added: “Can she give assurances that Mr Zuckerberg has fixed the flaw and will be brought to task?”
Ms James said data laws implemented last year put in place the “strongest privacy standards and rules” and the Information Commissioner’s Office (ICO) has resources to deal with such issues.
Nigel Huddleston, Conservative MP for Mid Worcestershire, said the ICO could implement a fine of up to 4% of global revenue and noted: “Facebook’s quarterly revenue last quarter was over £16 billion.
“That could go quite a long way towards helping cover the cost of our security services to counter some of the challenges we’ve got in the digital space.”
Ms James said the law is connected to protecting the privacy of UK users, adding: “It remains to be seen if UK users have been affected by this particular breach but I’m sure if they have been the ICO will be making further inquiries.”
Labour’s Darren Jones (Bristol North West) joked: “I’m sure the minister will want to encourage the increasing number of her colleagues with their own budding leadership WhatsApp groups to update their WhatsApp.”