An internet privacy researcher has discovered that your browsing history, which includes a record of every site you visit, is potentially one of the most powerful tools for cybercriminals to target.
As a result, a recent hack attack against a company called Google that stole more than 200 million Gmail passwords revealed that Google’s online privacy team had built a system that allowed them to access user accounts in real time, and even steal passwords for users who had never used the service.
The company was also able to steal other personal data from users, such as phone numbers, email addresses and credit card details, from its own data, according to researchers from the security firm Trend Micro.
The attack revealed that a “trusted” user account can be used to create a fake account that allows anyone to login to the company’s network, access all its private information and steal their passwords.
This means that even if an attacker gains access to the system, they can also steal passwords that they have not previously used.
“You are not going to be able to guess what you’re looking for,” security researcher Ben McAndrews said.
“It’s not like you have a dictionary, it’s a list of people you know you have interacted with.”
The researchers say the attack was carried out by an unnamed attacker who accessed Google’s systems in early January, and that Google is now working to patch the vulnerability.
“We don’t know who it was, but we suspect it’s someone in the industry,” McAndrew of Trend Micro told The Verge.
“The vulnerability was exploited before the company patched it, but it’s only now that they fixed it.”
Google says that it has implemented two security updates since the breach.
The first, released on January 11, adds a new feature that will block all new or updated browser extensions from Google Chrome that do not comply with the browser’s security standards, and will block extensions that use the word “chrome” or “google” in their names.
The second, released today, adds an additional protection that blocks any new or modified extensions from appearing on Google’s web sites that do use the same name.
The researchers said the second update is not yet available in Chrome, but is being tested by Google employees.
“The update is a relatively minor change to Chrome,” McMichaela said.
Google has already released a security patch that addresses this issue.
“But Google is not the only company that has patched this vulnerability,” he said.
The company says that all its systems are designed to protect the data of its users, including their passwords, and the security teams have been monitoring the number of new or new-to-user accounts that Google has added to its systems to make sure that they do not have access to their passwords and other sensitive data.
Google says it is actively working to protect against other data breaches in the future.
It added that it is working to ensure that every new Chrome user has a separate “lock down” password that only they can use.
Google’s vulnerability comes at a time when it is also becoming a target of cybersecurity firms.
Last month, Symantec announced that hackers had breached its data centers and compromised a number of the company�s data centers.
The breach exposed sensitive data from about 1.4 billion accounts, including user names, email address and other information, including banking details and credit cards.
Google is also in the process of updating its privacy settings to ensure they don’t allow third parties to use information about it to create fake accounts and steal passwords.