Even though leaks through portable devices have been less and less frequent, this channel still deserves high attention because of the constant risk of human errors. For example, a laptop containing intelligence data may be stolen, or a lost flash drive with trade secrets may fall into the hands of competitors.
At the end of 2017, Coplin Health Systems, a U.S. healthcare company, reported that a laptop was stolen from their employee’s car in West Virginia, which potentially compromised personal data of 43,000 patients, including their names, addresses, social security numbers, dates of birth, financial and health information. Although the laptop was protected by certain security tools and required an access password, its hard drive was not encrypted, and thus the criminals could access confidential data on it.
Nobody is immune to leaks resulting from incautious or negligent actions. For example, officials of Guelph city (Canada) accidentally gave a lawyer a flash drive containing files not relevant to the litigation he was involved in and thus compromised personal data of 2,500+ people, mainly municipal employees.
Sometimes, threats come from very unexpected sources. Thus, Taiwan’s national police agency said 54 out of 250 flash drives, given out as prizes at a government-run cyber security quiz, contained malware that stole data and then transmitted it to servers located in Poland. The ongoing investigation is to find out how those USB sticks could be infected.
As part of a notorious trade secret leak in Taiwan, former employees of Micron copied the computer memory R&D to a USB drive and gave it to their new employer UMC (Taiwan) that needed that information to develop its Chinese business.
The most recent French presidential election involved many data leak scandals. Thus, a laptop and a USB stick containing personal data were stolen from François Fillon, a former Prime Minister and one of the candidates. Luckily, according to his campaign office, the laptop was blocked remotely, while the flash drive contained personal pictures only.
In autumn 2017, an outrageous incident took place in London, where an unemployed man found a memory stick crammed with unencrypted information on Heathrow Airport. The USB stick dumped in the street contained 76 folders with maps, videos, and other airport security information, including a timetable of patrols, every type of ID needed to access restricted areas, and even the exact route the Queen takes when using the airport. Such leaks are extremely terrifying, especially in the face of UK terror attacks that happened in 2017 killing tens of people.