Skip to content
Europe
AI-Assisted Briefing

Spyware Targeting of MEP Raises Alarms Over Investigative Integrity in Europe

GB
Irina Volkov Russia & Eastern Europe Analyst
Published Jul 05, 2026 • 04:00
The hacking of Stelios Kouloglou, a former MEP investigating the Pegasus spyware, underscores the vulnerabilities faced by political figures and raises significant concerns about the integrity of political investigations in Europe.

Uncovering a Disturbing Trend in Political Surveillance

The revelation that Stelios Kouloglou, a former Member of the European Parliament (MEP) and a key figure in the investigation of spyware abuses, was repeatedly hacked using Pegasus spyware has ignited a firestorm of debate regarding the integrity and safety of political investigations in Europe. This troubling incident not only raises questions about the security of elected officials but also highlights the broader implications of state-sponsored cyber espionage on democratic processes.

What Happened

According to a forensic investigation conducted by researchers at the University of Toronto’s Citizen Lab, Kouloglou’s phone was compromised at least twice during crucial phases of the Parliament’s PEGA Committee investigation into spyware abuses. The first breach occurred on October 21, 2022, coinciding with preparations for committee research missions to Greece, Cyprus, and Spain. The second incident took place on March 6-7, 2023, as the committee continued its work. This marks a significant milestone as it is the first known instance of an active member of the European Parliament being explicitly targeted by Pegasus spyware, a tool developed by the Israeli NSO Group, notorious for its use against political figures and activists worldwide, including leaders within the EU itself.

Why It Matters

The implications of this hacking incident reach far beyond the personal security of a single MEP. It raises serious concerns about the integrity of political investigations in Europe, particularly those scrutinizing the use of spyware by governments. If members of investigative bodies are themselves subjected to surveillance, it calls into question whether their findings can be trusted or if they are effectively hampered by external forces. This situation not only puts individual politicians in jeopardy but also threatens the very foundations of democratic accountability and transparency.

Moreover, the potential attribution of this cyber-attack to any specific government remains unclear. The Citizen Lab report did not link the hacks directly to any governmental actor, instead noting that they bore similarities to previous hacking campaigns targeting journalists from Russia and Belarus. This ambiguity highlights the pervasive risks associated with modern political surveillance and the challenges in identifying responsible parties.

Source Comparison

Both Politico Europe and The Guardian reported on this significant breach, though their emphases varied slightly. Politico underscored the timing of the hacks in relation to critical phases in the investigation. Conversely, The Guardian focused on the inability to attribute the attacks to any specific government while drawing parallels to hacking incidents involving exiled journalists. Both sources confirm the fundamental details of the hacking incidents but diverge in their narrative focus and implications. Politico’s center-leaning perspective emphasizes institutional integrity, while The Guardian’s left-leaning orientation provides a broader context of state-sponsored surveillance affecting dissidents and journalists.

Context and Background

The use of spyware, particularly the Pegasus program, has become a focal point of international discourse surrounding digital rights and privacy. Governments worldwide have increasingly employed such technologies for surveillance, often under the guise of national security. The NSO Group, which produces Pegasus, has faced international scrutiny for its role in facilitating human rights abuses through its software, with reports indicating its use against journalists, activists, and political figures globally.

This incident involving Kouloglou is set against a backdrop of rising tensions within Europe regarding digital privacy and the protection of political figures from state surveillance. The European Union has initiated discussions surrounding regulations on spyware and surveillance technologies, but the effectiveness of these measures remains uncertain in light of the current hacking incidents. The ongoing conflict between state security interests and individual privacy rights presents a complex dilemma that has yet to be satisfactorily resolved.

Reactions or Implications

The reaction from the European political community has been swift and severe. Kouloglou himself expressed deep concerns about the implications of these hacks, stating that they occurred during periods of significant investigation into government surveillance activities. This raises alarms over the integrity of not only the PEGA Committee’s work but also the broader capacity of the EU to safeguard its representatives against such intrusive technologies.

Moreover, human rights organizations and privacy advocates have condemned the use of such spyware against political figures, calling for stricter regulations and oversight concerning the sale and deployment of surveillance technologies. The European Parliament may be compelled to take further action, including potential investigations into the use of Pegasus by EU member states against their own political figures.

What to Watch Next

As this incident unfolds, several key developments warrant close attention. Firstly, the response from the European Parliament and its committees in addressing the implications of Kouloglou’s hacking will be crucial. Will there be stronger safeguards implemented to protect MEPs and their investigations from surveillance threats?

Additionally, the dialogue surrounding the regulation of spyware technology is likely to intensify. The European Union faces pressure to establish clearer guidelines and restrictions on the use of such technologies, especially against political figures and journalists. The outcomes of ongoing investigations into the misuse of Pegasus, both within and outside Europe, will be pivotal in shaping the narrative around digital privacy and government accountability.

Ultimately, the Kouloglou incident serves as a stark reminder of the vulnerabilities inherent in modern political processes and poses a crucial question: how can democracies effectively safeguard their institutions and representatives from the encroachment of state-sponsored surveillance?

Sources used for this material

P
Politico Europe supporting
T
The Guardian supporting
Additional background signals monitored but not directly cited.

How this article was produced

This article was created as an original globalBriefUP material with AI assistance, based on multiple source materials. It was not copied or directly translated from a single source. Sources used are listed for transparency.

AI-Assisted Signal Extraction
Processing for Review