It was a pretty serious breach as far as I remember. The assailing party was looking for specific accounts, and got what they were looking for. Just because they didn't take millions of records didn't mean that they didn't have access to them.
Google right after the NSA reveal started doubling up on their efforts to use encrypted links between servers within their data centers, leading me to believe that it could have been a lot worse - just get access to some non-critical host, and if the traffic is unencrypted, just hang out with a packet sniffer and just record all traffic passing by.
Google is much more vigilant with their security (not that they weren't before, just even more so) - It's better to not underestimate the extent of breaches.
Google right after the NSA reveal started doubling up on their efforts to use encrypted links between servers within their data centers, leading me to believe that it could have been a lot worse - just get access to some non-critical host, and if the traffic is unencrypted, just hang out with a packet sniffer and just record all traffic passing by.
Google is much more vigilant with their security (not that they weren't before, just even more so) - It's better to not underestimate the extent of breaches.