PARIS, Feb. 25 (UPI) -- SIM card giant Gemalto said U.S. and UK intelligence agencies could be responsible for hacks into its networks but doubts millions of mobile device encryption keys, used in cellphones worldwide, were stolen.
The company said Wednesday its internal investigation revealed intrusions in 2010 and 2011 in the outer parts of its network that gave "reasonable grounds" to believe the National Security Agency and its British counterpart, Government Communications Headquarters (GCHQ), were involved.
"At the time we were unable to identify the perpetrators, but we now think that they could be related to the NSA and GCHQ operation," the company said in a written statement. "These intrusions only affected the outer parts of our networks – our office networks - which are in contact with the outside world."
Gemalto, the world's largest maker of cellphone SIM cards, launched the investigation after The Intercept reported that documents had been leaked by former NSA contractor Edward Snowden. SIM cards are small chips used to identify mobile phones or credit cards and can encrypt data and voice communications.
Related
- Sim card giant probes possible cybertheft by U.S., British spies
- Hackers carried out the largest bank heist in history, as much as $1 billion
- British teen arrested in Christmas PlayStation/Xbox hack
- German government hacked by pro-Russian group
- North Korea has no sense of humor, U.S. spy chief says after watching 'The Interview'
Gemalto Chief Executive Officer Olivier Piou said the company does not plan to take legal action against either spy agency.
"The operation very probably happened," Piou said in a news conference, but "it's difficult to prove our conclusions legally, so we're not going to take legal action."
The company said that even if SIM card data were stolen, it would not have compromised the newer forms of the card for 3G and 4G networks. It would have only worked for the older 2G wireless networks.
The GCHQ said it does not comment on intelligence, adding "all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee."
The NSA did not comment.
