Leading SIM card vendor Gemalto said initial inquiries show its products are secure and it does not expect to suffer a significant financial impact, following last week’s report that encryption keys were hacked by US and UK security agencies.
The firm’s update was in response to the report that the National Security Agency and Government Communications Headquarters (GCHQ) stole the keys engraved in Gemalto, and possibly other vendors’, SIM cards in 2010 and 2011.
A preliminary investigation already indicates that Gemalto’s SIMs, as well as its banking cards, passports and other products and platforms, remain secure and it does not anticipate a negative financial hit, it said.
Gemalto will deliver a more in-depth update on its investigation on 25 February through an announcement and press conference.
The company is “devoting the necessary resources to investigate and understand the scope of such sophisticated techniques,” it added.
The original report by The Intercept said the keys, which protect mobile users’ privacy, were stolen by two security agencies via a break-in to Gemalto’s internal network. The French firm is the largest SIM card vendor in the world.