Gemalto: NSA/GCHQ Hack ‘Probably Happened’ But Didn’t Include Mass SIM Key Theft


Gemalto — the world’s biggest maker of SIM cards for mobile phones — says that it has “reasonable grounds” to believe that the NSA and GCHQ carried out an operation to hack its network in 2010 and 2011, but the consequences of those actions were not as far-reaching as has been reported. The hack breached Gemalto’s office networks, but it “could not have resulted in a massive theft of SIM encryption keys,” and “in the case of an eventual key theft, the intelligence services would only be able to spy on communications on second generation 2G mobile networks. 3G and 4G networks are not vulnerable to this type of attack.”

The conclusions were published today by Gemalto in a final report from an investigation that it carried out in response to an article in The Intercept. They follow on from an initial statement Gemalto issued earlier in the week. Using more…

View original post 1,028 more words