Archive | chrome RSS feed for this section

I was violated! Hackers Attack Google Password System

17 Jan

Originally posted 27 April 2010 @

Anyone else miss this? In January this year Google announced that hackers had managed to steal information from their computers, but they were pretty vague on the details of what was actually stolen. It has recently been revealedthat the hackers managed to get their hands on something pretty significant: Google’s password system, called Gaia, which controls access by millions of users worldwide to all of Google’s web services, including email.

The company claims that no passwords were stolen but I can assure them that at least one password was: mine. Earlier this week I logged into my Gmail account to discover that a considerable number of strange email messages had been sent out to numerous contacts in my address book during the previous night. These emails consisted of a random name in the subject line and a non-descript hyperlink in the subject. This link, predictably, took the unsuspecting user to a rather unsavoury website peddling knock-off Viagra. Many of those who received such an email were savvy enough to recognise it as spam and immediately deleted it. But others were not, and there ensued embarrassing conversations about the mechanics of both spam email and erectile dysfunction medication…neither of which I particularly wanted to explain to my mother.

Security experts will tell us that this kind of experience is a wake up call for frequently changing your passwords and so on, but I do all that already; my passwords are strong and impossible to guess, I change them frequently, never write them down or share them with anyone. I’ve created a number of Gmail accounts over the years, for various work and personal purposes, and although I know of many people whose accounts have been compromised it’s never happened to me before. I’ve done all the things Google’s security page advised me to do after I reported the incident but my confidence has been shaken. I know in my logical mind that this was most likely a random one-off event, could have happened to anyone, but despite all the reassurances I still have this niggling concern about the security of my account due to the scale of the data theft from Google’s computers. Faced with the reality of being hacked, I realise now how much I took for granted the veneer of data integrity; I believed Google, like any large corporation and uber-brand, to be a paragon of security. Perhaps even more than others given the physical and virtual lengths to which they will go to reassure users their data is protected . Much like with doctors or pilots, I need to believe that those in whom I place my unmitigated trust are deserving of it…the thought they may be fallible is unnerving to say the least.

Call the Hyperbole Police of you must, but this is my most personal of personal data, my holiest of holies. I guess I was lucky that whomever it was that accessed my account only sent out a few dozen seemingly innocuous spam messages…I can’t even begin to imagine what might have happened had their intentions had been more malicious.