Google does a great job of pretending to protect your privacy - and collects more information on you than any other non-government organization.
And if you want to try to provide a bit of security for yourself by keeping your online personae separate, they fight against you, trying to make you use your real name and expose you to the public without your consent.
60 minutes mentioned their information gathering in one of their broadcasts, but said they think it wasn't a problem because they didn't "sell" it. Seriously? What do they gather it for then? Is it to give themselves clout, to give themselves a way of manipulating others? Like, J. Edgar Hoover didn't "sell" the information he gathered on political figures either - but he put it to use in benefiting his own agendas. He was an anti-American criminal that deliberately worked to subvert the Constitution and U.S. Supreme Court.
So, the question becomes, if the breach came from other sites, how were all these accounts linked to Google in the minds of the investigators? They wouldn't have been unless something pointed to a common source. I don't believe Google for a second, and the comment about "We're constantly working to keep your accounts secure from phishing, malware and spam" shows that they are more interested in subverting opinion than reporting the facts and owning up to their part in creating a situation that makes it easier for criminals even if they weren't guilty of misusing the information themselves.