US and British spies hacked into the world’s biggest maker of phone SIM cards, allowing them to potentially monitor the calls, texts and emails of billions of mobile users around the world, an investigative news website reported.
The alleged hack on Gemalto, if confirmed, would expand the scope of known mass surveillance methods available to US and British spy agencies to include not just email and web traffic, as previously revealed, but also mobile communications.
The Franco-Dutch company said on Friday it was investigating whether the US National Security Agency (NSA) and Britain’s GCHQ had hacked into its systems to steal encryption keys that could unlock the security settings on billions of mobile phones.
The report by The Intercept site, which cites documents provided by former NSA contractor Edward Snowden, could prove an embarrassment for the US and British governments.
According to the report, the UK hacked wireless networks and monitored phone calls in Iran, Afghanistan, Yemen, India, Serbia, Iceland, and Tajikistan.
Although the agency had codes of Pakistan’s Telenor and Mobilink networks, it failed to hack them, most likely because they use safer techniques.
The report opens a fresh front in the dispute between civil liberties campaigners and intelligence services.
It comes just weeks after a British tribunal ruled that the GCHQ [Government Communication Headquarters] had acted unlawfully in accessing data on millions of people in Britain that had been collected by the NSA.
A spokesman for GCHQ said on Friday that it did not comment on intelligence matters. The NSA could not be immediately reached for comment.
“We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such sophisticated techniques,” said Gemalto, whose shares sunk by as much as 10 per cent in early trading on Friday, following the report.