A new attack by the American and British spy agencies has apparently stolen millions of encryption keys stored in disposable SIMs that keep a user's data from being read.

New documents released by fugitive American intelligence analyst Edward Snowden claims the SIMs (subscriber identity modules) made by the Dutch firm Gemalto were targeted by the U.S. National Security Agency (NSA) and the U.K.'s Government Communications Headquarters (GCHQ).

Like Us on Facebook

Gemalto is the world's largest maker of SIM cards and produces two billion SIM cards a year. Its U.S. headquarters is at Austin, Texas.

Media reports claim GCHQ hacked into Gemalto's servers and analyzed the emails of Gemalto employees to find key persons that might have access to the company's encryption key generating systems. GCHQ and NSA wanted to steal millions of keys as they were transmitted between Gemalto and its wireless network providers. They apparently succeeded.

These wireless network providers include AT&T, T-Mobile, Verizon and Sprint plus hundreds of wireless network providers worldwide.

Each SIM has a unique encryption key that protects the mobile phone communications of millions of customers worldwide, said a story in The Intercept. An encryption key is installed in each SIM and automatically sends a copy of the key to the provider so its network can recognize an individual's phone.

GCHQ and the NSA allegedly intercepted these wireless transmissions to steal the encryption keys. GCHQ is said to have developed an automated technique that increased the volume of encryption keys harvested.

With the encryption keys in their possession, both spy agencies can eavesdrop on communications that should have been protected by encryption. This method also avoids alerting the wireless company or the person using the phone to the fact someone else is listening.