Poland’s prosecutor general told the parliament that the Pegasus spyware was used against hundreds of people during the former government in Poland, among them elected officials.

Adam Bodnar told lawmakers that he found the scale of the surveillance “shocking and depressing.”

“It is sad for me that even in this room, I am speaking to people who were victims of this system,” Bodnar told the Sejm, the lower house of parliament.

Bodnar, also the justice minister, refrained from disclosing the identities of those subjected to surveillance by the spyware, citing confidentiality. This secrecy underscores the urgent need for transparency in such matters.

Bodnar presented information that the prosecutor general’s office sent to the Sejm and Senate last week. The data showed that Pegasus was used in cases of 578 people from 2017 to 2022, and it was used by three separate government agencies: the Central Anticorruption Bureau, the Military Counterintelligence Service and the Internal Security Agency.

The data show that it was used against six people in 2017, 100 in 2018, 140 in 2019, 161 in 2020, 162 in 2021, and then nine in 2022, when it stopped.

The existence of Pegasus revealed flaws in Jobs’ Mob’s bug bounty programme. Apple always had trouble admitting that its software had flaws, and its programme maxed out at $200,000. This figure was well below what hackers could make flogging the found flaws to the likes of NSO, who created Pegasus.