In October 2017 a member of the public discovered a USB stick on the streets of West London. Worryingly it contained sensitive information on security arrangements at Heathrow Airport. The data held on the device was not encrypted, neither was it protected by a password.  The airport, which has since launched an internal investigation into the data breach, says it is taking steps to prevent a similar occurrence in future. Whatever the cause, the data breach highlights the continued risk of accidental loss of a device by an employee, and potentially the act of a malicious insider.
 
According to the most recent Netdiligence report, data breaches from lost or stolen devices have more than doubled while breaches from paper records almost tripled. It found that lost devices accounted for 12% of cyber insurance claims, which compares with 16% for malware and 27% for hacking. Rogue employees accounted for 8% of claims.
 
According to analysis of its cyber insurance claims in the first nine months of 2017, Beazley says that some 6% were related to the loss of a portable device, rising to 10% for professional services firms. claims, which compares with 16% for malware and 27%
 
Source
https://www.asia.jlt.com/our-insights/cyber-decoder/sensitive-information-on-heathrow-airport-security-found