Can browsers lose my bookmarks or saved data?

Yes. Browsers from all major vendors have had bugs that silently deleted or corrupted user data such as bookmarks and tags. Firefox had a bug that cleared bookmark tags when cutting and pasting, and Chrome has had profile corruption issues that lost saved data. Always export bookmarks as a backup.

Did Microsoft Edge import data from other browsers without permission?

Yes. In 2020, Microsoft Edge automatically installed itself on Windows and imported bookmarks, browsing history, and other data from Chrome and Firefox without asking. Users had to explicitly reject the import during setup, and if the browser crashed before they could do so, the data was kept.

How can I protect my browser data from being lost?

Keep your browser updated, export bookmarks regularly as HTML backups, use a dedicated password manager instead of relying only on built-in browser storage, and do not continue using a browser version that no longer receives security updates.

Can you trust your browser? Data loss bugs

We trust our browsers with bookmarks, passwords, browsing history, and personal data every day. But browsers from every major vendor have lost or mishandled user data at some point. Here is a look at real incidents across Firefox, Chrome, Edge, and Safari.

Firefox: bookmark tags silently deleted

I discovered this bug myself. It took me some time to notice that Firefox 6 had been silently deleting my bookmark tags. I reported the bug on August 26, 2011 (bugzilla.mozilla.org/show_bug.cgi?id=682512).

Steps to reproduce the bug

Open the Bookmarks Manager (Ctrl+Shift+B).
Right-click a bookmark and select Cut.
Navigate to another bookmarks folder.
Right-click and select Paste.
Result: the bookmark's tags were cleared.
Expected: the bookmark's tags should remain.

The same bug had existed since Firefox 3.6 (bugzilla.mozilla.org/show_bug.cgi?id=415389), meaning it went unfixed for years. According to Mozilla's policy at the time, the fix only shipped in Firefox 7, so Firefox 6 users continued to lose data even after the bug was known and verified.

Mozilla has since changed its update scheme, and new releases now ship as soon as major bugs are fixed rather than waiting for the next major version.

Microsoft Edge: importing data without permission

In 2020, Microsoft Edge began automatically installing itself on Windows computers and importing bookmarks, browsing history, and other data from Chrome and Firefox without asking the user first. The only way to stop this was to explicitly reject the import during setup. If the browser crashed or the user missed the prompt, the imported data was kept.

This was not a software bug but a deliberate design choice. Microsoft faced widespread criticism for treating user data as something to be claimed rather than protected.

Chrome: passwords stored without protection

In 2013, security researcher Elliott Kember discovered that Chrome displayed all saved passwords in plain text through the settings page, with no master password or additional authentication required. Anyone with physical access to the computer could view every stored password.

Google's Chrome security lead Justin Schuh responded that a master password would provide a "false sense of security." Security experts and users strongly disagreed, calling the approach "insane." Chrome later added the option to require the system password before revealing stored passwords. By contrast, Apple's iCloud Keychain has required authentication to view saved passwords since its introduction, and in 2024 Apple released a standalone Passwords app integrated with Safari across all its devices.

In 2024, Google settled a 5 billion dollar class action lawsuit over secretly tracking users in Chrome's Incognito mode, despite the mode's promise of private browsing.

Safari: users left with unpatched vulnerabilities

In 2008, Safari 3 had a "carpet bomb" vulnerability that allowed malicious websites to silently download executable files to the user's desktop. Apple initially denied it was a Safari bug, but eventually released a fix in Safari 3.1.2 after Microsoft issued a security advisory about the combined risk with Windows.

When Apple dropped Safari for Windows in 2012, it left all Windows Safari users with over 121 known unpatched security vulnerabilities and no path to update. Security firm Sophos warned that these users were permanently exposed to attacks.

Apple also made changes to Safari's extension system in 2018 that broke popular ad blockers including uBlock Origin, limiting the number of content-blocking rules extensions could use. Several developers discontinued their Safari extensions as a result.

Why bug fix policies matter

A common policy across browser vendors is to fix bugs only in the next major version, leaving current users exposed. When a bug is publicly reported but the fix ships months later, attackers have a window of opportunity. Minor bugs that go unfixed can accumulate until they combine into serious vulnerabilities.

Rapid release cycles have improved the situation, but the core problem remains: browser vendors decide which bugs are worth fixing and when. Users have little control over whether their data is handled safely.

How to protect your browser data

Keep your browser updated to the latest version.
Export bookmarks regularly as an HTML backup.
Use a dedicated password manager rather than relying solely on built-in browser password storage.
Review browser permissions and extensions periodically.
Do not keep sensitive data in a browser that no longer receives security updates.

2011 - 2025