A Dutch company that makes SIM cards for cellular phones says it is investigating reports that it was hacked by Britain's electronic spying agency, Government Communications Headquarters, or GCHQ, in cooperation with the U.S. National Security Agency.
A story posted Thursday on the website The Intercept, based on documents provided by whistleblower Edward Snowden, said the hack was aimed at stealing codes that would allow both the U.S. and British governments to seamlessly eavesdrop on mobile phones worldwide.
Those codes are designed to protect the privacy of cellphone owners. Once obtained, they make it possible to tap mobile communications without the consent or knowledge of telecom operators.
"Once you have the keys, decrypting traffic is trivial," Christopher Soghoian, the principal technologist for the American Civil Liberties Union, told The Intercept. "The news of this key theft will send a shock wave through the security community."
Amsterdam-based Gemalto, which describes itself as the world leader in digital security and serves clients in 190 countries, said in a statement Friday it could not immediately confirm the reported hack and "had no prior knowledge that these agencies were conducting this operation."
Gemalto says it "will devote all resources necessary to fully investigate" the reported hack.