Gemalto, the world's biggest maker of SIM cards for mobile phones, has reportedly revealed that it has "reasonable grounds" to believe that the National Security Agency and Britain's Government Communications Headquarters (GCHQ) breached its network in 2010 and 2011 but added that it does not believe that the consequences of the attack were as far-reaching as had been reported earlier.
The Netherlands-based company said that the cyber attack could not have resulted in a "massive theft" of SIM encryption keys and added that in the case of an eventual key theft, the intelligence agencies would only be able to spy on second generation 2G mobile networks as 3G and 4G networks are not vulnerable to this type of attack, reported TechCrunch.
The statement was published today by Gemalto in a final report from a probe carried out in response to an article in The Intercept.
Gemalto also said that none of its other products were affected in the attack.
The Intercept had alleged that the two government agencies from the U.S. and UK stole millions of SIM encryption keys to intercept private data. It based its assessment on documents leaked by whistleblower Edward Snowden.
However, Gemalto's statement did not specify the number of encryption keys that were stolen from its own services.
