By ,
Published November 04, 2015
Attackers who breached Google Inc.'s systems last year gained access to computer code for the software that authenticates users of Google's email, calendar and other online programs, according to a person familiar with the matter.
The code was contained in a repository that contained code for Google's online applications and was also breached, this person said.
The disclosure comes as much about the nature of the attacks and the perpetrators behind it remain unclear. Google, which disclosed the attacks in January, opted following the incident to shut down its censored search service in China.
Security experts had previously uncovered evidence that the attackers had stolen some source-code from the company, by exploiting a security flaw in Microsoft Corp's Internet Explorer.
A Google spokeswoman Monday declined to comment beyond the company's initial statement on the attacks, which said that some of the company's intellectual property was stolen and that it believed the attack originated from China.
Chinese officials have denied that their government is responsible.
At the time, Google said it believed that the attackers were trying to access the Gmail accounts of Chinese human rights activists. The company said that it had traced the attacks to China. It said that only two Gmail accounts appear to have been accessed and that activity was limited to account information not the content of the emails. The company added that it had enhanced its security.
The person familiar with the matter said that the attackers gained access to Google's computer code by compromising a workstation used by a Google engineer.
Google's password-management system, known as Gaia, does not store passwords or user information; rather it is the instructions that allows Google to recognize when a Google users already logged into one service, like Gmail, tries to log into another. Gaining access to the system is the equivalent of learning how to operate a filing system, and not accessing the information contained inside, the person familiar with the matter said.
Continue reading at The Wall Street Journal
https://www.foxnews.com/tech/china-hackers-gained-access-to-key-google-code