Last year there was a concentrated attack on Google's central email system, according to them, that originated in Jinan, China. This week, the attack was focused on individual Gmail accounts, the company said Wednesday.
Also last year, Google pulled back some of its business dealings within China in response to the attacks that are said to emanate from a state-sponsored school,.
This year, Google told the San Jose Mercury News they "have more than 500 employees and hundreds of partners in China and we plan to continue to work there."
Federal agencies, including the FBI, are investigating the breach that focused on private e-mail conversations of U.S. and foreign government officials, political dissidents, journalists and others, the paper reported.
The type of attack is known as "spear phishing," where hackers ask for small amounts of personal information to trick them into disclosing greater access. In this case, users got emails from recognizable associates.
Google's official blog addressed the situation:
Through the strength of our cloud-based security and abuse detection systems*, we recently uncovered a campaign to collect user passwords, likely through phishing. This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.
Google lists six strong tips to help users ensure greater e-mail security, including an enhanced-security video how-to. The greatest way, of course, is protecting that password. Use something unique for Gmail. Change it twice a year. Use a two-step verification that Google provides, as well.