The theft of storage media, IT systems, accessories, software or data not only results in the
expense of having to replace the equipment or restore it to working order, but also in losses
resulting from a lack of availability. If confidential information is disclosed due to the theft,
this can cause additional damage. Mobile IT systems, which are easy to transport
inconspicuously, are often targeted for theft as well as servers and other expensive IT systems.
However, there are also cases where storage media, such as documents or USB sticks, were
stolen specifically in order to obtain access to the confidential information stored on them.
Examples:
• During the spring of 2000, a notebook disappeared from the US State Department. In an
official statement, it was stated that the possibility that the notebook contained
confidential information could not be ruled out. Nor was it known whether the device
was protected against unauthorised access by encryption or any other means.
• In a German government office, several break-ins occurred through the same
unprotected window. Some mobile IT systems disappeared in addition to other
valuable items. It was impossible to completely rule out the possibility that documents
had been copied or manipulated.
• In the United Kingdom, there was a series of data privacy violations in which
confidential documents were disclosed because the corresponding storage media had
been stolen. In one case, several computer hard disks containing highly personal
information recorded during security checks of staff were stolen from the Royal Air
Force.
• An employee of a call centre made copies of large amounts of confidential customer
data shortly before he was forced to leave the company. After leaving the company, he
sold the data to competitors. Since details of the incident eventually reached the press,
the call centre lost many important customers.