Seems like we have a lot of pot-calling-kettle-blacking going around in this thread. Nowhere in your article does it claim that the breach occurred inside Google's network. For all we know, the external workforce (DART, et al) that works for google outside their networks were victims of the IE6 exploit, had the malware infecting their computers, which had access to other systems in Google HQ. I think that might be unlikely, but still, there is not been any concrete explanation from any source. Seems just to be a lot of conjecture on both sides.