Last week while I was using my friends laptop, he found out that his Gmail
account had been breached ( according to the account activity on Gmail). I
accessed my own Gmail account just before or the same time. Now it seemed like
I accessed his email, which I did not. His Gmail account activity shows the
same IP address as the one I used.
Is it possible that someone could have hacked in and used the same IP
address to access my friends Gmail account?
In short, probably not.
IP addresses are technically not able to be hacked. They’re fundamental to
routing data on the internet, and as such an attempt to hack an IP address
would break the hackers connection to whatever he was trying to access.
However, there are actually a couple of common reasons that accesses from two
different machines might appear to be from the same IP address.
I’ll look at ’em both.
Two machines can appear to have the same IP address on the internet at the same time if they happen to both be behind the same router.
In your home, you may have a router that connects to the internet as provided by your ISP. That connection can then be shared among multiple computers.
Part of what’s being shared in the IP address.
In a situation such as this, the IP address is actually assigned to the router – it then in turn assigns local area network IP addresses to each of the machines connected to it. These are usually addresses of the form 192.168.x.x which by definition cannot appear on the internet itself. Each time a machine makes a request of the internet the IP address is “translated” by the router and appears to come from the single internet IP address that was assigned to it.
In other words, all the machines behind the router look like they have the same IP address on the internet.
Two machines can appear to have the same IP address on the internet at different times if they connect via DHCP.
DHCP dates back to the days of dialup when computers were typically only connected for a short while before someone had to use the telephone again. When you connected your computer via dialup, an IP address was assigned on the spot, and when they disconnected it was released. If another computer came along and dialed up after you had disconnected there is a good possibility that they might be assigned the same IP address that you’d just been using.
Even though we’re often connected for much longer, the same technology is still in use. Depending on your equipment and how you connect it’s very possible that your ISP is assigning you an IP address when you first connect and releasing it some time later. Once again, if after you disconnect someone else comes along it’s possible that they could be assigned that IP that you’d just been using. And much like dialup, they really don’t have to be all that close to you either, they simply need to be using the same ISP.
To muddy the waters even further, you don’t really even have to disconnect to have your IP address released out from underneath you and placed back into the available pool. The protocol is such that you’d be assigned a new one immediately, and you’d never notice, but I’ve seen it happen. The net effect is that even if you’re connected continuously your IP address could change, and the one you had been using could be assigned to another machine elsewhere.
Finally, one note about your specific situation – it’s possible that it could be something as simple as his having had “remember me” checked so that when you went to check your email it “touched” his and recorded your IP address before you logged in as yourself. Similarly, if you use a different browser, both accounts could have been logged in simultaneously. Finally, if he’s running a tool like GTalk or the Gmail notifier, these too could have retained a persistent connection to Google and his account while you read your email.