Edward Snowden reveals that NSA and GCHQ hacked SIM card manufacturer Gemalto: reports, British and American spies stole the encryption keys from the largest SIM card manufacturer in the world, according to a government document handed to The Intercept by National Security Agency whistleblower Edward Snowden.
The NSA and its British counterpart Government Communications Headquarters targeted Gemalto, a multinational firm in the Netherlands that makes mobile phone SIM cards, to monitor mobile communications without permission from telephone companies.
Gemalto currently creates SIM cards for AT&T, T-Mobile, Verizon, Sprint and 450 other wireless network providers around the world. Gemalto produces around 2 billion SIM cards every year.
The breach, detailed in a 2010 GCHQ document, also gave the NSA and GCHQ the ability to monitor phone activity without leaving a trace that wireless providers could track. The intelligence agencies were also allowed to decrypt communications that they previously couldn't decode.
Gemalto said that it was unaware of the hack until The Intercept reached out to them for comment. The SIM manufacturer said it launched an investigation on its system Wednesday, but it wasn't able to find any trace of the security breach.
"I'm disturbed, quite concerned that this happened," Paul Beverly, Gemalto executive vice president, told The Intercept. "The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn't happen again."
The top-secret GCHQ document also revealed that the intelligence agencies cyberstalked Gemalto's employees in an effort to secretly obtain information that could give them access to millions of encryption keys.
It's still unclear as to whether or not other Gemalto security products and data were compromised. It's also unclear how many wireless network providers and customers have been affected in the breach.
T-Mobile, Verizon, Sprint and AT&T were asked by the Daily News to comment on the issue, but a response was not immediately returned.
The NSA and GCHQ have declined to comment on the document leak.
The NSA and its British counterpart Government Communications Headquarters targeted Gemalto, a multinational firm in the Netherlands that makes mobile phone SIM cards, to monitor mobile communications without permission from telephone companies.
Gemalto currently creates SIM cards for AT&T, T-Mobile, Verizon, Sprint and 450 other wireless network providers around the world. Gemalto produces around 2 billion SIM cards every year.
The breach, detailed in a 2010 GCHQ document, also gave the NSA and GCHQ the ability to monitor phone activity without leaving a trace that wireless providers could track. The intelligence agencies were also allowed to decrypt communications that they previously couldn't decode.
Gemalto said that it was unaware of the hack until The Intercept reached out to them for comment. The SIM manufacturer said it launched an investigation on its system Wednesday, but it wasn't able to find any trace of the security breach.
"I'm disturbed, quite concerned that this happened," Paul Beverly, Gemalto executive vice president, told The Intercept. "The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn't happen again."
The top-secret GCHQ document also revealed that the intelligence agencies cyberstalked Gemalto's employees in an effort to secretly obtain information that could give them access to millions of encryption keys.
It's still unclear as to whether or not other Gemalto security products and data were compromised. It's also unclear how many wireless network providers and customers have been affected in the breach.
T-Mobile, Verizon, Sprint and AT&T were asked by the Daily News to comment on the issue, but a response was not immediately returned.
The NSA and GCHQ have declined to comment on the document leak.
