All cars with a data connection have a SIM card. It's the same little plastic and metal sliver that slots into your phone to connect to the network, make calls, receive texts, and download the latest Beyoncé track. And American and British spies hacked into the largest supplier of SIMs in the world.
According to documents obtained by The Intercept from Edward Snowden, the NSA and its British compatriots at the Government Communications Headquarters (GCHQ) targeted Gemalto, the manufacturer of SIM cards supplied to major telecoms, including AT&T, Verizon, T-Mobile, and Sprint in the U.S.
The two countries stole encryption keys that protect the privacy of mobile device communications by targeting employees at both the company and telecoms, basically stalking people to snatch up as much information as they can to gain access to the company's systems.
So why should you care? Here's The Intercept:
With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider's network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.
Gemalto makes about 2 billion SIM cards every year, which are sold to carriers and then sold to automakers to provide everything from data connections to roadside assistance in cars.
We've rightfully assumed that with GPS in our cars we could be tracked by anyone with the motivation and the know-how, but this breach means that not only are our phones able to be monitored, but potentially all the data that our cars are spewing out.