Has Google ever suffered a breach on this scale? Having worked in IT in the government vs. the private sector, it really seems as though government could care less about security.
Does operation Aurora count by the Chinese government? It was a big enough deal to Google that they stopped operating a search engine within China's borders.
https://en.m.wikipedia.org/wiki/Operation_Aurora
It was a pretty serious breach as far as I remember. The assailing party was looking for specific accounts, and got what they were looking for. Just because they didn't take millions of records didn't mean that they didn't have access to them.
Google right after the NSA reveal started doubling up on their efforts to use encrypted links between servers within their data centers, leading me to believe that it could have been a lot worse - just get access to some non-critical host, and if the traffic is unencrypted, just hang out with a packet sniffer and just record all traffic passing by.
Google is much more vigilant with their security (not that they weren't before, just even more so) - It's better to not underestimate the extent of breaches.
When I search my email on haveibeenpwned.com, one of my results is the following:
Bitcoin Security Forum Gmail Dump: In September 2014, a large dump of nearly 5M usernames and passwords was posted to a Russian Bitcoin forum. Whilst commonly reported as 5M "Gmail passwords", the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear, the breached credentials were confirmed by multiple source as correct, albeit a number of years old.
Most US companies have security breaches all the time. However, unless a social security number, health information or credit card is accessed there are no real reporting rules. Most companies do not disclose attempted/successful cyberattacks on their networks.
Therefore, if google isn't storing large numbers of credit cards, social security numbers of health records they probably will never tell you wether or not they had their servers breached.
