enigma1 - 3:04 pm on Aug 13, 2010 (gmt 0)
If you have the past few months server logs and a mechanism to filter out but the googlebot accesses is worth checking out.
I have seen the googlebot before, getting in, from messed up links posted externally (I assume), with something I personally would call, hack attempts or some sort of manipulation. It was reported then and closed pretty fast but I still see others posting about it in the same thread.
So if indeed there are systematic ways to exploit the bot it could be one scenario that may explain the change.
What I never understood out of the SEs is why they index a link or report it in WMT, if they never accessed it or found/validated it inside the domain. Because that will avoid false positives. In other words if the link doesn't exist inside the domain with <a> tag then never index it.
Honestly I doubt you will find approx 400K requests from google inside your server logs. But you may find some strange ones which could force the bot to access pages in different ways I don't know.