After a thorough investigation, Gemalto, the world’s largest producer of SIM cards, announced today that its network was hacked, but it didn’t result in massive theft of keys used to encrypt conversations, messages and data traffic.



The Netherlands-based SIM manufacturer says that it noted sophisticated attacks on its networks between 2010 and 2011 that appear to have been carried out by the NSA and GCHQ spying agencies. However, the company notes that the agencies couldn’t get in far enough to get access to SIM encryption keys.

The company writes in a blog post: "Investigation into the intrusion methods described in the document and the sophisticated attacks that Gemalto detected in 2010 and 2011 give us reasonable grounds to believe that an operation by NSA and GCHQ probably happened. While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network".

It adds: "No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks." Therefore the hack attacks "could not have resulted in a massive theft of SIM encryption keys", the company concludes.