Google says hundreds of personal gmail accounts, including those
of some senior US government officials and military personnel,
were hacked as a result of a massive phishing originating from
The account hijackings were a result of stolen passwords, likely
by malware installed on victims' computers or through victims'
responses to e-mails from malicious hackers posing as trusted
sources, or what is known as phishing.
Gmail's security systems themselves were not compromised, Google
The company believes the phishing attack emanated from Jinan,
China. In addition to the US government personnel, other targets
included South Korean government officials and federal workers of
several other Asian countries, Chinese political activists,
military personnel and journalists.
"The Department of Homeland Security is aware of Google's message
to its customers," CNN quoted Chris Ortman, a spokesman for the
agency as saying.
"We are working with Google and our federal partners to review the
matter, offer analysis of any malicious activity, and develop
solutions to mitigate further risk."
The news comes a little more than a year after a separate hack
originating from China affected gmail accounts of Chinese human
rights activists. In that case, attackers were able to break
through Google's security systems, and two Gmail accounts were
CNN said a Google spokesman declined to comment on how the company
obtained the information about the most recent hack.
Public information, user reports and a third-party hacking blog
called Contagio was used to determine the scope, targets and
source of the attack.