Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Even worst: The hacker could have taken a list of lets say the top 1000 banking (or any type of online service) websites accross the globe. The moment the hacker get access to your gmail account, he initiatite a password recovery request on each of those 1000 websites, get the password reset link from the email, reset the password, delete the email. he could now have access to any other online account you have that had its recovery email set to your gmail account.


Safe to assume that google could track such activity for affected accounts and notify if that was widespread?

(or is that somehow against the 'only our anonymized ad display program can scan your email' privacy policy?)


The most recent statement from google said that "no other data was accessed" so interpret that as you will




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: