Dutch SIM-maker Gemalto has confirmed Wednesday it was a victim of a cyber-attack, likely perpetrated by British and U.S. intelligence agencies, but it claims it did not result in a significant privacy leak.
Gemalto’s internal investigation gave the company “reasonable grounds to believe” an operation by the U.S. National Security Agency and its British counterpart “probably happened.”
The operation was reported last week on the website The Intercept, based on documents supplied by Edward Snowden. The report claimed the NSA and the British Government Communications Headquarters obtained encryption keys which allowed American and British government officials to monitor mobile communications, possibly without warrants.
Gemalto, a supplier to major mobile phone operators including AT &T, T-Mobile, Verizon and Sprint with presence in 85 countries, says the attacks in 2010 and 2011 “only breached its office networks and could not have resulted in a massive theft of SIM encryption keys.”
In its report, Gemalto did say that many other companies were victims of the same attack as well. “The analysis of the documents shows that the NSA and GCHQ targeted numerous parties beyond Gemalto,” said the company.
The Associated Press contributed to this report
Have something to add to this story? Share it in the comments.