Oddly, one of my infrequently used Gmail accounts was hacked. Only have it for other existing services, so exists by default.
Clowns seem to run some automated PHP based spider/harvester/spam operation. Spammed people I had received email from in the past. Whole big C class of IPs around their offending IP seems to be full of soiled IPs... likely one big operation.
Nature of the attack / hack is unclear, but I have the IP that did the accessing via Google's own feature that logs access to the account by IP. Since the IP isn't one of mine and access to the account is infrequent it is obvious.
So if you had the IP info of the hacker/idiot and know the provider and the history of the C block of IPs, how would you proceed to get them shut down / unplugged / etc. ?