Security flaw found in 2G mobile data encryption standard

BERLIN (AP) — Cybersecurity researchers in Europe say they’ve discovered a flaw in an encryption algorithm used by cellphones that may have allowed attackers to eavesdrop on some data traffic for more than two decades. In a paper published Wednesday, researchers from Germany, France and Norway said the flaw affects the GPRS mobile data standard. While most phones now use 4G or even 5G standards, GPRS remains a fallback for data connections in some countries. The researchers say the vulnerability in the GEA-1 algorithm is unlikely to have been an accident. Instead, they think it was probably created intentionally to provide law enforcement agencies with a backdoor. Manufacturers and standards organizations have been notified to fix the flaw.