Ludlam letter raises concerns about Gemalto SIM card hack
Members of the British Government Communications Headquarters (GCHQ) and the American National Security Agency (NSA) reportedly hacked into the computer network of Amsterdam-based SIM card maker Gemalto and took smartphone encryption keys used by customers of a number of mobile phone carriers worldwide.
In his letter, Ludlam asked Thodey to urgently confirm how many Gemalto SIM cards Telstra uses in its network and to what extent the telco believes the security of its customers' communications has been compromised by the actions of the NSA and GCHQ.
"I request that you confirm how long Telstra has been aware of this security breach and what remediation steps it will undertake, including the recall of any affected SIM cards," wrote Ludlam.
"I believe that Telstra is in contact with Gemalto on the issue, and I would urge you to take a transparent approach with customers in disclosing the extent of this very serious problem."
A Telstra spokesperson told Computerworld Australiatoday that the telco sources SIM cards from multiple suppliers, including Gemalto.
"We're in contact with Gemalto and they are investigating the claims. We will work with Gemalto to address any issues they might identify," the spokesperson said.
The spokesperson added that Telstra takes customers' privacy and security "very seriously".
"SIM card encryption is just one of a multiple ways Telstra secures our network and the communications of our customers."
Read more:Telstra wins $12.5 million Allianz contract
Australian Privacy Commissioner Timothy Pilgrim said he is making enquiries with a number of telecommunications providers in relation to the issue.
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia
Read More: