They let it leave?
so if i was in charge of that outfit,
[1] the data would be secured to the highest practical level (considering available technology):
-[a] every machine in the place (especially portable devices) would have an encrypted file system (and, come to think, would be a Mac, UNIX, Linux, or mainframe box, depending on purpose);
-[b] every user (including janitorial staff) would be trained on security practices, evaluated on compliance with same, and required to log in using one of those RSA-type fobs with random numeric key sequences (i prefer CryptoCard on BSD, actually);
-[c] visitors and consultants would have to sign NDAs and confidentiality agreements that make them individually liable for damages; they would also require oversight, and would be given very limited access (no data to be transferred off premises), which would end the moment they are finished work;
-[d] all laptops and portable devices would have call-home and remote-kill LoJack-type functionality, and all connections would be encrypted and secure.
[2] this individual would be facing a civil lawsuit.
[3] the person wouldn't "leave", they would be fired for negligence and escorted off the premises, their manager would be subjected to an audit and an investigation (at least), and that's what the press release would say, too.
aside from all that, whenever this sort of thing happens, i always get a mighty urge to throw the idiot so hard that the moron would bounce.
this company is (supposedly) a security vendor (among other things); they should try harder to act the part (they're far from broke, and their profit outlook is excellent).
unfortunately, VeriSign (and NSI before that) has never had its stuff together. they were always fsckups, so no news here (just had to deal with them last year, and they were still fscked up). this twit likely fit into their culture of incompetence just fine, and was probably either management or HR, or maybe both.