Britain’s electronic spying agency and the US National Security Agency stole codes from a Dutch company allowing them to eavesdrop on mobile phones, documents suggest.
GCHQ and the NSA hacked into the networks of Netherlands-based Gemalto, to steal the codes, according to the documents given to journalists by NSA whistleblower Edward Snowden.
A story posted on the website The Intercept offered no details on how the intelligence agencies employed the eavesdropping capability – providing no evidence, for example, that they misused it to spy on people who were not valid intelligence targets.
But the surreptitious operation against the world’s largest manufacturer of mobile phone data chips is bound to stoke anger around the world.
It fuels an impression that the NSA and its British counterpart will do whatever they deem necessary to further their surveillance prowess, even if it means stealing information from law-abiding Western companies.
The targeted company, Gemalto, makes SIM cards, used in mobile phones and credit cards.
One of the company’s three global headquarters is in Austin, Texas. Its clients include AT&T, T-Mobile, Verizon and Sprint, The Intercept reported.
The Intercept offered no evidence of any eavesdropping against American customers of those providers, and company officials told the website they had no idea their networks had been penetrated.
Experts called it a major compromise of mobile phone security.
The NSA did not respond to a request for comment.
In the past, former agency officials have defended using extra-legal techniques to further surveillance capabilities, saying the US needs to be able to eavesdrop on terrorists and US adversaries who communicate on the same networks as everyone else.
The NSA, like the CIA, breaks the espionage and hacking laws of other countries to get information that helps American interests. Still, the methods in this case may prove controversial, as did earlier Snowden revelations that the NSA was hacking transmissions among Google’s data centres.