NY Times has uncovered that the cyberattack on Google was more serious than previously reported, as the hackers reportedly gained access to the company's Single Sing-On password system. No user passwords appear to have been stolen, but the hackers did get their hands on the source code of the password system, which is regarded as one of Google's crown jewels.
Ever since Google disclosed in January that Internet intruders had stolen information from its computers, the exact nature and extent of the theft has been a closely guarded company secret. But a person with direct knowledge of the investigation now says that the losses included one of Google’s crown jewels, a password system that controls access by millions of users worldwide to almost all of the company’s Web services, including e-mail and business applications.
The new details seem likely to increase the debate about the security and privacy of vast computing systems such as Google’s that now centralize the personal information of millions of individuals and businesses. Because vast amounts of digital information are stored in a cluster of computers, popularly referred to as “cloud” computing, a single breach can lead to disastrous losses.
Full details on how the hackers gained access to Google's computer systems can be read at NY Times.