I think Google caught themselves hacking one of my gmails. Have I confirmed adequately?

ForestForTrees

Well-known member
I just got an email from Google saying that someone had hacked one of my gmail accounts. I went to security.google.com:

upload_2016-11-14_14-51-28.png


... so the natural thing is to check the IP address. Check out the hostname:
http://whatismyipaddress.com/ip/2607:f8b0:400d:c0d::220

And then there is this:
Code:
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=2607%3Af8b0%3A400c%3Ac08%3A%3A248?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange:       2607:F8B0:: - 2607:F8B0:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
CIDR:           2607:F8B0::/32
NetName:        GOOGLE-IPV6
NetHandle:      NET6-2607-F8B0-1
Parent:         NET6-2600 (NET6-2600-1)
NetType:        Direct Allocation
OriginAS:       AS22577, AS15169
Organization:   Google Inc. (GOGL)
RegDate:        2009-03-12
Updated:        2012-02-24
Ref:            https://whois.arin.net/rest/net/NET6-2607-F8B0-1



OrgName:        Google Inc.
OrgId:          GOGL
Address:        1600 Amphitheatre Parkway
City:           Mountain View
StateProv:      CA
PostalCode:     94043
Country:        US
RegDate:        2000-03-30
Updated:        2015-11-06
Ref:            https://whois.arin.net/rest/org/GOGL


OrgTechHandle: ZG39-ARIN
OrgTechName:   Google Inc
OrgTechPhone:  +1-650-253-0000
OrgTechEmail:  arin-contact@google.com
OrgTechRef:    https://whois.arin.net/rest/poc/ZG39-ARIN

OrgAbuseHandle: ABUSE5250-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-650-253-0000
OrgAbuseEmail:  network-abuse@google.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/ABUSE5250-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#
So the hacker that Google was warning me of appears to be Google itself.

I have several gmail accounts that check other gmail accounts using POP. I suspect that somehow one of these mail checks was identified as an intrusion by automatic software.

I'm leaning toward telling Google at it was me who logged in and just drop it. Any advice? What would you do?

I don't hold this against Google, BTW, as I know they use a lot of machine learning/AI and I know it can often be wrong. At least they have the courage to put their neck out.
 

ForestForTrees

Well-known member
Posting it here because, as we say in Boston, "You guys are SMAHT."
Anyone have any suggestions as to why no one replied? Please be friendly in your response. I genuinely expected that while it was off topic, someone else might have found it interesting. I mean it's a little funny that Google seems to have busted themselves.

Any suggestions as to where a better forum to post this would have been? DigitalPoint? WebHostingTalk?
 

HWS

Well-known member
Happens very often with Gmail. In fact even a little bit annoying...
 

Fred.

Well-known member
Never seen it and I have 10+ gmail accounts but I use 2FA (Yubikey) on all of them.
 

ForestForTrees

Well-known member
Thanks, folks!

I'd also love suggestions about where else to post. This is an awesome community, but I shouldn't be relying on the "Off Topic" subforum. I'd like to find a forum for webmasters/internet professionals dedicated to general internet tech/business discussions. Probably DigitalPoint....
 
Top