Investigative website The Intercept last week said the US National Security Agency and its British counterpart GCHQ hacked into the firm in 2010 and 2011 and stole the keys, with which they can secretly monitor communications over mobiles without using a warrant or wiretap.
The website made the allegations based on a document leaked by former NSA contractor Edward Snowden.
"In 2010 and 2011, we detected two particularly sophisticated intrusions which could be related to the operation," Gemalto said in a statement.
"During the same period, we also detected several attempts to access the PCs of Gemalto employees who had regular contact with customers," it added.
"At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation."
But the company denied that these attacks resulted in a large-scale theft of encryption keys.
"The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys," it said.