93 percent of those surveyed said they would not be willing to give their personal data to an organization that had already reported a previous security breach.

At least one property has been raided in the search for the lost USB stick, but so far it has not been found.

Although police would not confirm it, the newspaper believes the device held information on a number of suspected terrorist cells being monitored by police.

There is no word - and hence nothing to suggest that the data held on the USB was encrypted, meaning that anyone who now has the device has access to some potentially highly-sensitive data. The security breach is serious enough that the UK Home Secretary, Jacqui Smith has been informed.

This is yet another high-profile example of how allowing sensitive data to be copied to inherently insecure devices, with no security precautions, can be a seriously risky practice.

While the company that sponsored the research believes this is a good reason to change passwords on a regular basis, WatchYourEnd also strongly recommends organizations invest in technologies that can be used to stop the unauthorized copying of data from the network to portable storage devices such as USB sticks, MP3 players and even CDs or DVDs.

Of the 300 IT Administrators surveyed, only 12 percent claimed they wouldn’t dream of helping themselves to company data.

In Germany, there are currently no restrictions on the sale of personal data from one party to another - however, plans are now afoot to ensure this can only be done with the expressed consent of the individuals whose data has been collected.

However, WatchYourEnd believes that just as great a problem is presented by the ability of the call center worker to provide 17,000 records to the authorities without his employer’s knowledge. Clearly there were no data protection technologies in place to prevent the removal of the data from the corporate network. Although in this case the employee meant well, it could have just as easily been an attempt to commit identity theft or supply the information to criminal gangs.

The German government might do well to follow a similar tack taken by the British Government by planning laws which make it a criminal offense to allow a data security breach through negligence.

With instances of data theft, pedophilia and ‘internet grooming’ becoming more prevalent in the media, it is particularly shocking that an organization of the BBC’s standing has allowed such a breach to occur.

While the BBC claims that there is no evidence the data has been misused, there is also no indication that either the laptop or memory sticks were equipped with any security measures, such as data encryption or access control.