Gemalto, the Dutch company which was targeted by US and UK spies, has played down reports that the encryption keys belonging to its SIM cards have been stolen.
On 20 February, 2015, leaked documents from the cache stolen by Edward Snowden while he was working with the NSA revealed that in collaboration with GCHQ, the agencies had hacked into the systems belonging to Gemalto and stolen the encryption keys which protected its SIM cards.
In a brief statement published on Monday, 23 February, the company sought to reassure its customers and the millions of people around the world that the SIM cards they are using are not compromised:
Initial conclusions already indicate that Gemalto SIM products (as well as banking cards, passports and other products and platforms) are secure and the company doesn't expect to endure a significant financial prejudice.
The company said the investigation was on-going and it will reveal the entire results on Wednesday, 25 February, at a press conference in Paris.
The company's declaration that its products are safe seems to fly in the face of the overwhelming evidence produced in the report by The Intercept which originally published Snowden's leaked documents.
Dubbed "the great SIM card heist", the spies from NSA and GCHQ are said to have formed a group called the Mobile Handset Exploitation Team in April 2010 which attacked the internal computer systems of Gemalto and infected it with malware which allowed the spies to monitor everything that was happening. One slide boasted: "[We] believe we have their entire network."
Gemalto is the world's largest SIM card manufacturer and supplies 450 networks and operators in over 85 countries around the world with some two billion SIM cards every year from its network of 28 manufacturing plants.