U.S. and U.K. intelligence agencies have reportedly hacked into the computer network of giant SIM card maker Gemalto and taken smartphone encryption keys potentially used by customers of hundreds of mobile phone carriers worldwide.
The British Government Communications Headquarters (GCHQ), allowed the two spy agencies to monitor a large portion of the world’s mobile phone voice and data traffic, according to a story in The Intercept.
The hack was detailed in a 2010 GCHQ document leaked by former NSA contractor Edward Snowden, the story said. About 450 mobile carriers, including AT&T, T-Mobile, Verizon Wireless and Sprint, use the company’s SIM cards.
With the compromised encryption keys, the surveillance agencies would be able to monitor mobile communications without the approval of the carriers or foreign governments, The Intercept story said. The encryption keys would allow the agencies to intercept mobile traffic without court-ordered warrants or wiretaps, the story said.
GCHQ also said it had access to billing servers of mobile carriers, allowing it to manipulate customer charges in an effort to hide surveillance on phones, the story said.
Representatives of the NSA and Gemalto did not immediately respond to requests for comments on the story.