GMail Security Glitch

A serious flaw is discovered in Google's free email service allowing hackers to steal users' entire contact lists.

To exploit the flaw, the hacker would add a piece of code to their website server, which in turn gave them access to the Gmail contacts of passing browsers, so long as they were also signed in to their Gmail account in another window.

The hacker could then add the stolen contacts to an email spam database, or sell them to other spammers.

Gmail, the third most popular free web-based email service, has been embraced by both personal and business users alike, largely because it allows for easy access to messages from any computer worldwide.

Google's security team appeared to have fixed the flaw within hours, but various subsequent reports suggested the fix didn't address the full extent of the issue.

Further, it is understood that spammers were exploiting the security hole for quite some time before it was discovered.

More at The Age