Vast quantities of e-mail content were accessed, according to two people with knowledge of the breach. They said the FBI was notified last week and that there was some debate within Google about whether to publicize the incident, because to do so could foreclose investigative options.
Google said the targeted attack appeared to originate from the Chinese city of Jinan and also hit the Gmail accounts of journalists, Chinese political activists and South Korean and other Asian officials. Google determined that its users were attacked by phishing schemes, typically e-mails that trick the recipient into surrendering personal information or clicking on links that infect the computer with a virus.
After announcing the incident on a blog post, Google did not elaborate on which U.S. officials were affected, how long the users’ accounts were exposed, or whether the attacker appeared to be a government agent.
U.S. authorities said no official government e-mail systems were breached, but it was unclear whether any of the victims forwarded their work e-mails to Gmail accounts.
The episode escalated tensions between the search giant and the country with the world’s biggest Internet user base. Google pointed the finger at China last year after an attack on its network, and Yahoo blamed Chinese hackers for an attack on its e-mail service. The Lanxiang Vocational School, which trains some computer scientists for the Chinese military, is located in Jinan, where the latest campaign appeared to originate. The school was implicated in last year’s hacking attack on Google.
A Chinese Foreign Affairs Ministry official said Thursday that “any blame against China in this [latest incident] is groundless and with an ulterior motive.” The official, Hong Lei, said in an e-mailed statement that the “Chinese government is firmly opposed to any cyber criminal activity, including hacking . . . [and] is ready to cooperate with the international community to combat against it.”
The White House’s National Security Council said it is looking into Google’s announcement and working with the FBI to investigate.
The Department of Homeland Security has contacted Google and other federal agencies to offer analysis of any malicious activity and develop solutions to reduce further risk, Homeland Security spokesman Chris Ortman said.
Col. Dave Lapan, a Pentagon spokesman, said the Defense Department was aware of news reports about the breach but “has not been contacted directly.” Lapan said that “we are unaware if the targeted individuals are Defense employees.”