SAN FRANCISCO — Hackers passed themselves off as the Internet giant Google with the apparent goal of snooping on people using Google services in Iran, the company said.

It was the latest in a string of breaches that call into question the reliability of certificates that are supposed to verify the authenticity of Web sites. Such breaches make dissidents and human rights workers particularly vulnerable because they can allow repressive regimes, or supporters of those regimes, to spy on their online activities.

In this case, the attackers hacked into the site of a Dutch company, one of many that have the authority to issue the digital certificates, and obtained one that they used to impersonate Google. When users in Iran went to a Google site, including Gmail and Google Docs, they could be intercepted by the impostors in what is known as a man-in-the-middle attack.

In a statement posted late Monday night on its security blog, Google said those affected “were primarily located in Iran.” It did not offer further details.