Google said on Wednesday that hackers believed to be based in Shandong province in China have attempted to trick hundreds of Gmail users into giving away their passwords, including those belonging to US government officials, Chinese political activists, officials in several Asian countries, military personnel and journalists.
In a post on the company’s blog, Eric Grosse, a member of the Google security team, said that the passwords had been obtained “likely through phishing,” with the probable aim being to monitor e-mail content. Forwarding and delegation settings would likely have been changed too, he said.
The company pointed out that it had “detected and disrupted” the security breach and contacted victims, securing their accounts in the process. The relevant government authorities have also been informed, Grosse said. A Reuters report quoted White House spokesman Tommy Vietor saying that he had no evidence suggesting that any government email accounts had been accessed. The report also stated that the FBI were currently reviewing the matter.
Google was keen point out that its internal systems had not been affected by the attack. “These account hijackings were not the result of a security problem with Gmail itself,” Grosse said. “But we believe that being open about these security issues helps users better protect their information online.”
The blog post suggests some ways users of Google’s products can improve their security, including 2-step verification, which uses a phone and second password on sign-in. This method, said the company, protected some users from this latest attack.
It’s not the first time Google believes it has been targeted by hackers based in China. In March, the company claimed that the Chinese government had hacked its Gmail service in an attempt to quell social unrest in the country, and in December last year cables released by Wikileaks appeared to show that another attack on Google had been approved by senior Chinese officials.