Google Urges Iranian Users to Secure Accounts After Hack

In the wake of a digital certificate hack that potentially allowed hackers to gain access to the Google accounts of 300,000 Iranians, the search giant this week urged those users to take certain steps to secure their data.

"While Google's internal systems were not compromised, we are directly contacting possibly affected users and providing similar information below because our top priority is to protect the privacy and security of our users," Eric Grosse, vice president of security engineering at Google, wrote in a blog post.

First of all, Google urged users in Iran to change their passwords. Second, the company suggested people verify their account recovery options: are the secondary email addresses, phone numbers, and other information provided still accurate? Third, Google urged users to double check the Web sites and apps that have access to their accounts, and revoke any that are unfamiliar. Gmail users were also asked to check settings for suspicious forwarding addresses or delegated accounts.

Finally, Google told users not to click through to Web sites if a warning appears before they load.

At issue is Netherlands-based DigiNotar, which issues certificates that validate Web sites as legitimate. It recently disclosed that it had been hacked, and an investigation into the effect of the intrusion found that, among other things, the hack possibly compromised the Google accounts of more than 300,000 Iranians.

What this means is that when users in Iran and elsewhere navigated to certain Web sites, they might actually be visiting spoofed sites that stole personal information when users logged in. Browser makers like Google, Microsoft, and Mozilla quickly moved to block DigiNotar digital certificates; Apple took some heat for not doing the same on Safari. Adobe is the latest company to block certificates from DigiNotar.

A hacker known as Comodo Hacker, who got his name thanks to a March hack of Comodo, has also taken credit for the DigiNotar job. He also claims to have accessed GlobalSign, prompting the company to temporarily stop issuing digital certificates.