SIM card (Photo : Reuters/Ina Fassbender)
The U.S. National Security Agency (NSA) and the UK's General Communications Headquarters (GCHQ) are alleged to have hacked the world's largest manufacturer of SIM cards.
All the encryption keys they obtained allowed them to spy on people without first securing a warrant.
On Thursday, whistleblower Edward Snowden leaked this information to the Internet, according to The Register. One of its computer security experts, Bruce Schneider, referred to the news as "huge."
Schneider was amazed because all of the SIM keys were stolen. He also said it 's unlikely the NSA and GCHQ had only attacked one firm.
The company whose SIM cards were stolen was Gemalto headquartered in the Netherlands. Every year, it produces some two billion SIM cards.
The group that stole the encryption keys is called MHET for Mobile Handset Exploitation Team. The Intercept published the slides that proved the heist of the SIM card data.
Companies that use the hacked SIMs include AT&T, Sprint, Verizon, and about 450 providers of wireless network. The hacking seems to have been a simple task for the NSA and GCHQ.
In Operation DAPINO GAMMA, the hackers first accessed the e-mail and Facebook accounts of Gemalto staff. After accessing their computers, they accessed the company's entire network.
The hackers wanted to access the Ki encryption keys found in the Gemalto SIM cards. This information is intended to be secret.
Calls that were intercepted and stored years ago can be decrypted. That is possible when the Ki encryption keys are stolen.
The recent hacking may cause Gemalto to review some of its other security procedures. Gemalto also supplies chips for electronic passports countries such as the USA issue. Gemalto is also part of the mobile banking sector.
The NSA didn't respond when CNBC asked it to comment on the situation. Also, CHGQ declined to comment, according to CNBC.
