We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,785 News Articles

Google password system stolen by 'China attacks'

Single Sign-On technology targeted

The information stolen from Google in cyberattacks late last year included a password system that gives users access to multiple services after just one login, according to a news report.

Google in January said it had been hit by cyberattacks believed to be launched from China that caused the theft of Google intellectual property. The stolen information included the password system, code-named Gaia after the Greek goddess of earth, The New York Times said late Monday, citing an unnamed source.

The software, still used by Google but now known as Single Sign-On, has been discussed publicly only once, four years ago at a conference, the report said.

Gmail users' passwords do not appear to have been lost, but there is a small possibility that attackers with access to the stolen software could find vulnerabilities in it that Google itself does not know about, the report said.

Google spokesman Jay Nancarrow declined to comment beyond Google's original blog post revealing the attacks. In that post, Google cited the attacks and concerns over censorship as it also announced plans to stop filtering search results on its China-based search engine, which it had done for years to comply with government demands. Chinese users are now redirected from the old search engine to Google's Hong Kong site, where political content is uncensored.

Google has said over 20 other companies were also targeted in the attacks.

The theft from Google started when an employee in China clicked on a link to an infected site, which was sent to the employee via instant message, the Times said. The attacker was then able to access the employee's computer and, eventually, a software base used by developers at Google's California headquarters, the report said.

The attackers also had access to an internal Google directory called Moma that stores information about each employee's work tasks, it said.

See also:

PC security advice


IDG UK Sites

5 things we want to see in Android M: New features and fixes

IDG UK Sites

iPad mini 3 release date rumours: 'iPad mini Air' will be 30 percent thinner than current model

IDG UK Sites

Introducing generation tech

IDG UK Sites

This animated film reveals the importance of designing for everyone