
Google Announces First Practical SHA1 Collision


  • willmore
    replied
    Originally posted by bug77

    I think everybody knew SHA1 was vulnerable in theory, that was no secret.
    No, we didn't have any specific reason to believe that. Other hash functions have had weaknesses demonstrated and that's why there have been efforts to remove them from use. That wasn't the case for SHA1. We just knew that from a complexity standpoint, it was likely to be next in line to get attacked. But, there was no clear time scale for that to happen. It wasn't expected to happen for a few more years at the soonest. That's why most of the security industry was pushing back against Google's attempts to deprecate it.



  • bug77
    replied
    Originally posted by willmore
    There had been some chat in the security arena about Google's motivations for pushing for the sunsetting of SHA1. Some speculated they 'knew something that we don't all know' about potential weaknesses to SHA1. Seems that camp may have been on the right path.
    I think everybody knew SHA1 was vulnerable in theory, that was no secret.



  • willmore
    replied
    There had been some chat in the security arena about Google's motivations for pushing for the sunsetting of SHA1. Some speculated they 'knew something that we don't all know' about potential weaknesses to SHA1. Seems that camp may have been on the right path.



  • schmidtbag
    replied
    I figure in the vast majority of cases (even for most servers), SHA1 is plenty good enough. Even MD5 is good enough for the average person. From the perspective of companies like Google, IBM, MS, Dropbox, etc., I can definitely see why SHA256 is a necessity.

    EDIT:
    I kind of just realized that Google probably caused more damage with this discovery than they hoped to prevent (especially if those PDFs get released). The average hacker has nowhere near the resources Google has to come to the same conclusion, so as far as hackers were concerned, discovering this wouldn't have been worth their time. Sure, some people would know that it is statistically possible to have 2 different files with the same checksum, but, I don't think anybody knew specifically how to do it. Now, there's definitive proof of it, and we know what file type is known to work.

    Regardless, this is very interesting stuff.


    EDIT 2:
    Contrary to people's adamant suggestions, checksums are not specifically intended for security. To quote from Wikipedia:
    "A checksum is a small-sized datum from a block of digital data for the purpose of detecting errors which may have been introduced during its transmission or storage. It is usually applied to an installation file after it is received from the download server. By themselves, checksums are often used to verify data integrity but are not relied upon to verify data authenticity."
    Checksums are a great way to ensure data has been accurately (and therefore securely) transferred, but again, that's not the purpose.

    People really need to chill out and do some research... Sure, I may have been implicit in my statements but that doesn't make them as wrong as others seem to suggest.
    Last edited by schmidtbag; 23 February 2017, 12:07 PM.



  • phoronix
    started a topic Google Announces First Practical SHA1 Collision


    Phoronix: Google Announces First Practical SHA1 Collision

    While SHA1 is still much better off than MD5, developers really should think about moving to SHA256 or other crypto hashes with Google now demonstrating the first SHA1 collision...
