While Google's internal systems were not compromised, it is directly contacting possibly affected users and providing information on securing their accounts because its top priority is to protect the privacy and security of its users, Eric Grosse, vice president of security engineering, said late Thursday.
Close to 300,000 unique IP addresses from Iran issued by Dutch digital certificate authority DigiNotar, between Aug. 4 and Aug. 29, according to an by security firm, Fox-IT, released on Monday.
The list of IP addresses would be handed over to Google who can inform users that their e-mail may have been intercepted during this period, Fox-IT said.
Google it received reports of attempted SSL (secure sockets layer) man-in-the-middle (MITM) attacks against Google users, whereby someone tried to get between them and encrypted Google services. The attacker used a fraudulent SSL certificate issued by DigiNotar, affecting primarily people located in Iran.
Google Chrome users were protected from the attack because Chrome was able to detect the fraudulent certificate, Google said last week. The company advised on Thursday all users in Iran to take steps to secure their accounts.