The hackers used the most common hacking technique of phishing. They tricked the people into believing that the information they are getting is coming from an official source. The hackers sent emails to the affected individuals, making themselves look like co-workers. They were monitoring the accounts and altering settings to enable forwarding and guest access to the accounts. Google has finally traced down the attacks after noticing some suspicious sudden change in the ip address of the users and multiple logged in account on few computers. The fake login page attackers used look quite similar to the actual login page of Gmail, but a closer look reveals some major differences.
This is the fake gmail login page that the hackers used to fool the victims. Please read this article to see how to avoid phishing.