Australian Privacy Commissioner Timothy Pilgrim is investigating reports about SIM card encryption keys made by Gemalto – including many used in Australia – having been allegedly hacked by US and British intelligence agencies during 2010 and 2011.
Members of the British Government Communications HQ and the American National Security Agency reportedly hacked into the computer network of Amsterdam-based Gemalto and took smartphone encryption keys used by customers of a number of mobile phone carriers worldwide.
Telstra, Optus and Vodafone Australia have sold phones with SIM cards produced by Gemalto – and it appears Pilgrim may have the telcos in his sights.
In a media statement, he noted that Australian Privacy Principle 11 requires an organisation to take “reasonable steps to protect the personal information that it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure”.