Exactly. By default,good online services use secure protocol (HTTPS) that doesn’t use referring,doesn’t cache files and so on. This provides many security mechanisms that prevent third party from getting your informations as Gene already mentioned.

But there is many unsecure services which use normal HTTP protocol.
If its not designed well,it can store your username/password or even credit card number into referrer “register” or “buffer” as i explained before. And if you visit some page right after you entered sensitive info,they can simply read that sensitive info from referrer.