The United States on Wednesday added the Israeli spyware company NSO Group to its “entity list,” a federal blacklist prohibiting the company from receiving some American technologies, after determining the company’s phone-hacking tools had been used by foreign governments to “maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”

The move is a significant sanction against a company spotlighted in July by the global Pegasus Project consortium, including The Washington Post and 16 other news organizations worldwide. The consortium published dozens of articles detailing misuse of the Pegasus spyware by customers of NSO.

The Commerce Department said in a statement that the action is part of the Biden administration’s “efforts to put human rights at the center of U.S. foreign policy, including by working to stem the proliferation of digital tools used for repression.”

The company did not immediately respond to requests for comment.

The company has consistently denied the findings of the Pegasus Project, which found that some of NSO’s dozens of law enforcement, military and intelligence customers in more than 40 countries target journalists, politicians and human rights workers on a routine basis with Pegasus, which can hack into a victim’s cellphone. NSO has acknowledged problems with certain customers in the past.

Being added to the entity list prohibit all exports from the U.S. to NSO of any type of hardware or software, severing the company from a vital source of technology. It could also hinder it from future business arrangements and challenge their ability to work as an international company.

“The impact is broader than just the legal prohibition,” said Kevin Wolf, an international trade lawyer at the firm Akin Gump who previously ran the entity list process. “It’s a huge red flag.”

Past administrations added Huawei and other Chinese firms to the list, citing their alleged contributions to human rights abuses of the Uyghurs, a mostly Muslim minority group detained en masse in Chinese “reeducation” camps.

But it is rare for the U.S. government to target companies from U.S. allies, including NSO Group’s home country of Israel. NSO’s addition to the list also marked one of the first times that the U.S. government had cited cyber-surveillance issues as the cause for the penalty.

Three other companies were also added to the list: Israel’s Candiru, Russia’s Positive Technologies and Singapore’s Computer Security Initiative Consultancy PTE.