It has been in the press and Martin already wrote something in his blog about it -German tax authorities have been approached by various individuals who want to sell information about Germans who hold bank accounts at some Swiss Banks, like Credit Suisse and UBS. I don't want to go into the discussion, wether such a deal, where the government buys "stolen" data (I put it into brackets, because over here, data are not a thing and only things can be stolen) from somebody, is immoral or not. But it certainly is pushing the market for customer information, if it's value becomes as visible as it is in this case. I'm pretty sure that some of those unknown individuals possessing sensitive customer information already learned that there are institutions out there who would pay significantly more than German tax authorities (for example the banks from where the data had leaked).
So, data leakage prevention, access governanve, privileged user management - these basic disciplines of information security are becoming more than ever part of the survival kit for institutions holding customer identity information. A much better (and cheaper) way to learn more on how such leakage can be avoided, would be to join us at the European Identity Conference 2010. We'll have some best practices showing that it isn't impossible at all to prevent such leakage.