What actions can and should be taken following a hacked gmail account?

I was under the impression that gmail was pretty safe. Do you guys know how this could have happened?

I guess you havent’t heard of the China-Google affair? Google is working on gmail security right now. It’s a simple but sad part of internet life; there will always be more security, and there will always be advancing hackers.

As for how his account was hacked, only heaven knows that one. There are so many possibilities. I suspect this might have been what happened, but there is no guarantee.

The good news? Gmail is still one of the most secure web-based emails out there.

What should he (and everyone he’s ever emailed) be doing to keep their stuff safe?
This article has some good tips, as does this blog. Also change passwords for every email account at least once a month from now on. But remember there is no 100% way to guard a gmail account from hackers.

Also, we have the IP address of the kid who’s doing this. Is there any legal action that can be taken?

An IP address can give you roughly the city, but not much after that. But, you might try blocking the IP address in gmail or via modem (if your friend and his friends use broadband).

However, you might try hiring a private detective. If enough evidence can be collected, than Internet privacy laws should be in your favor.

The first thing you and everyone else should do is change their passwords. And if you google ip address and give them the hackers ip address you should get pretty close to their actual location.

His PC most likely has a keylogger installed. Something like Spectorsoft eblaster. It records every keystroke he makes and emails it to the spy. Changing his password while on that machine is next to useless.
Tell him to run a good Anti-spyware scan or better yet, use another computer.
Call him. Don’t email, as this will tip off the spy.
Good luck.
His ex-wife now has copies of his emails. Tell him to be careful.

Yes, this really doesn’t have to be a problem with Gmail. Perhaps he just had a weak password, or indeed a keylogger installed. At least let this be a lesson for everyone who reads this to use a secure password ;-)

@Vincentt: But I think both of those are undermined by the fact that since this started, many of his friends are having similar security problems. A keylogger on his computer wouldn’t affect them, nor would a weak password on his part.

@nikipedia A keylogger virus get you in. The next step is to spread trojans from the trusted email.
The first one who gets the keylogger infection sends it to his friends attached to the latest inane joke. Half the friends throw it out without opening. One quarter open it but have good protection that strips it off and the remaining quarter are infected.

Remember two Christmas ago there was a cheap electronic picture frame for sale at a couple of the big box stores that came from China.Infected picture frame from China It was infected with 4 different virus/ infections: a keylogger, a backdoor, trojan password stealer, virus software disabler. there wasa similar one from WalMart and Target. (You cansearch around for it.)
The numbers vary but I heard >300,000 were sold. The manufacturer said it was an accident caused by an employee bringing them into the factory. Yeah right.
People bought the perfectly timed gifts for $20 and when their computer virus alerted them to the new virus, they just ignored it because they thought it was a glitch with the install.