Report: Google password system attacked

A cyberattack in December yielded access to a program that controls millions of users' access to the company's services, according to a New York Times report.

The cyberattack on Google last year reportedly yielded access to a password system that controls millions of users' access to the company's services including e-mail and business services.

Google's Gaia, which allows people to sign in using their password once for a range of services, was compromised during a two-day attack in December, according to a New York Times report that cited a person with knowledge of an internal investigation. However, Gmail users' passwords do not appear to have been stolen, and the company quickly initiated security changes to its networks, according to the report.

The intrusion began when a Google employee in China clicked on a link sent in an instant message that took the employee to a corrupted Web site, which allowed access to the employee's personal computer and ultimately the computers used by a key group of software developers at the company's headquarters in Mountain View, Calif., according to the report.

Google first disclosed the theft of intellectual property in January when revealed that it and other companies were the victims of a "highly sophisticated and targeted attack" aimed at gathering information about human rights activists. As a result of the attack and theft, Google announced it no longer intended to censor search results in that country and would consider leaving entirely.

Source code was stolen from more than 30 Silicon Valley companies targeted in the attacks, which Google said originated in China, though it has not revealed the specific people behind them. For its part, the Chinese government has denied any involvement .

However, tensions between the U.S. and China escalated after U.S. Secretary of State Hillary Rodham Clinton formally denounced Internet censorship in a January speech. China, which has stated that companies doing business in that country must respect and adhere to its laws, responded by warning that the new U.S. stance could hurt relations between the two countries .

Ultimately, Google shut down its Google.cn site and began redirecting users to Google.com.hk, its Hong Kong-based site where it can offer uncensored Chinese-language search services.

Gaia, the code name of the program now known as Single Sign-On, is still in use, the Times noted.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Find Your Tech Type

Take our tech personality quiz and enter for a chance to win* high-tech specs!