Google Chrome users' data including names, email addresses, mailing addresses, phone numbers, bank account numbers, social security numbers and credit card numbers are vulnerable, a new security research reveals.
As part of the research, the sensitive data management solutions provider, Identity Finder, performed in-depth scans on several employee computers through the use of latest Sensitive Data Manager.
During the scan, SDM was able to detect several Chrome SQLite and protocol buffers that stored a range of information and the data found was similar to that among all employees who constantly used Chrome.
Further, the firm confirmed with each employee that sensitive data, including social security and bank account numbers, were only entered on secure, reputable websites, and found that Chrome saved copies of all such data in the history provider cache.
Identity Finder CEO Todd Feinman said that with most sensitive data stored by Chrome, such as passwords, the only way for malware or a hacker to gain access is if a user is logged in.
"However, in this case some information is stored in clear text and is accessible whether or not the user is logged in," Feinman said.
"By default, Google Chrome stores form data, including data entered on secure websites, to automatically suggest for later use.
"This stored data is unencrypted text and accessible if your computer or hard drive is stolen or is infected with malware."