Safe as houses
In the wake of a recent account hijacking campaign, Google is reminding its users to ensure they have taken adequate measures to ensure their data remains safe online.
The campaign, says Google, affected " what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists."
The purpose of the attack was apparently the monitoring of private email communication, forwarding emails from the indented recipient to other accounts. The compromised passwords were likely obtained via phishing scams, says Google.
Because the attack was on the client-side and not a weakness at Google's end, Google is unable to take any direct action to stop it - although it is of course reacting when breaches are detected. To that end, Google is encouraging users to make sure that they have used strong, unique passwords for their Gmail accounts (and any other accounts, for that matter).
Furthermore, Google is reiterating that particularly conscientious Google account holders can activate two-stage authentication, which requires both a password and a code send to a phone to unlock the account in question. As this extra authentication step is only required every 30 days, is an extremely low inconvenience to suffer for a considerable boost in security.
Google can only do so much itself to protect its users from itself, so it's encouraging to see it doing its best to offer customers ways to ensure their data remains secure - especially given the "you're on your own" attitude exhibited by some other tech companies recently.
