Now, Google affirms that the problem doesn't rest with Gmail security, but rather that this scheme was the result of phishing and malware.
Google spilled the details on Wednesday via its official blog:
Through the strength of our cloud-based security and abuse detection systems, we recently uncovered a campaign to collect user passwords, likely through phishing. This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.
The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change people's forwarding and delegation settings.
Gmail users affected by this security mishap should have already been notified. Google's security team outlined a number of steps that Gmail users can take to protect themselves, which should only take about "ten minutes."
Google recommended the following:
- Use two-factor authentication;
- Choose a strong password;
- Watch for suspicious activity warnings in your Gmail account;
- Check your settings for odd forwarding.