Replacing certificates and advising users to change passwords prevents exploitation of any previous successful attack. Google have not done anything about previous attacks, but nor have they said such attacks could not have been successful.
Replacing certificates and advising users to change passwords prevents exploitation of any previous successful attack. Google have not done anything about previous attacks, but nor have they said such attacks could not have been successful.