Gemalto NV, the largest maker of mobile- phone cards and a manufacturer of EMV card chips, said its investigating a report that U.S. and U.K. spies allegedly hacked into its computer network to steal the keys used to encrypt conversations, messages and data traffic.
The U.K.s Government Communications Headquarters and the U.S. National Security Agency started intercepting the encoders in 2010 as they were being shipped to phone companies, allowing them to monitor wireless communications and bypass the need to get permission for wiretapping, the Intercept reported Thursday, citing documents from former NSA contractor Edward Snowden.
Gemalto is a particularly valuable holder of the keys as the French company produces 2 billion SIM cards every year, according to the report.
The publication indicates the target was not Gemalto per se -- it was an attempt to try and cast the widest net possible to reach as many mobile phones as possible, with the aim to monitor mobile communications without mobile network operators and users consent, Gemalto said in a press statement Friday, adding it couldnt immediately verify the findings in the report.
In an e-mailed statement, GCHQ said it couldnt comment on intelligence matters, citing agency policy.
The theft of encryption keys would potentially allow U.S. and U.K. agencies to also unlock communications it had recorded but was previously unable to unlock, the Intercept said.