Google said that Gmail email accounts in United States and Asia have been penetrated by hackers who stole the passwords through a phishing scam. Many of the accounts broken belonged to senior US government officials Chinese political activists, military personnel, and journalists.
Hackers in Jinan, China, used a tactic called phishing to get passwords to get full control of users' email accounts, according to Google Security Team Engineering Director, Eric Grosse.
The 'Spear phishing' led users to a fake Google log-in page where users would normally enter their password.
We believe that being open about these security issues helps users better protect their information online, Grosse said on the blog. However, Grosse clearly mentioned that Google's internal systems is not affected, as the account hijackings were not the result of a security issue with Gmail itself.
On the other hand, Google is not ruling out the possibility of the hacking being state supported.
Lately, the tension between China and countries such as United States and South Korea has heated up. The reason for this is that Chinese hackers have stolen the login details of hundreds of senior US and South Korean government officials as well as Chinese political activists.
Now the FBI is working close with Google to investigate the incident.
We are aware of Google's announcement regarding attempts to obtain passwords and gain access to these accounts. We are working with Google to review this matter, said the spokeswoman Jenny Shearer of FBI.
In January 2010, Gmail accounts of Chinese human rights activists were attacked by a highly sophisticated hackers originating from China.
Google has recently developed an improved security features, including two-step authentication, where users are asked to put both a pin generated by their mobile phone and a password to check their emails.