Gmail users are experiencing major technical difficulties today, and many are posting questions about whether there’s a major hack going on. Google, however, has been reassuring people and posting on its forums that the problem is neither security-related nor a phishing attempt.
But it’s no wonder everyone is concerned, as Cloudflare reported on Thursday that a major security hole had made hundreds of thousands of websites vulnerable to hacking, although it said there was no evidence that anyone had used the bug for anything malicious.
Problems with Gmail
While it seems like most of those who are having problems are complaining about Gmail, we can verify that more services seem to be affected. Hangouts had me locked out for a while, even with the correct password. The chat window inside Gmail on the Chrome browser worked, but the separate Hangouts app on desktop wouldn’t let me log in.
(As it turns out, in order to be able to use Google’s Hangouts app, you must set your account to be allowed to access “less secure” apps. The email from Google suggesting that you not do this suggests that you only use Google’s apps. But Google’s own Hangouts app is considered a “less secure” one, apparently, since keeping “less secure” apps from accessing your Gmail account also locks you out of Hangouts.)
A thread on Google’s product forums shows that most of the posts are about issues on mobile devices, although a few are also reporting issues with their linked PC apps. Google’s G Suite Status Dashboard isn’t showing any problems with Gmail, although clearly there’s a big problem because so many people are affected.
Google’s looking into the problems
The Register claims to have been tipped off about “a potential but unconfirmed hack of unknown origin or purpose” regarding Gmail. The media outlet cites a “‘very security conscious’ IT professional who got locked out of his Gmail account.” The person said one of his security phone numbers was changed. It seems like most of those who are complaining about this problem are simply being bounced back out of their accounts, with Google repeatedly telling them to sign in.
Judging from posts on various forums, users with two-step verification disabled seem to be having the most problems. Geographical location also seems to be having an impact, as users in some parts of the world don’t appear to be having these problems, even with two-step verification disabled.
Google is trying to lay fears to rest, saying that it’s investigating and that the problems are not related to any hack.