Choicepoint was data theft that they did not notify the people whose data was stolen. This is unlikely to be theft but rather I expect a programmer that was working on the database and accidentally brought a copy out with him. According to this article:
http://www.katv.com/news/stories/0510/736842.htmlThe "hard drive" was an external drive and I would bet it was a flash drive. I say this was a programmer that did this because it was a copy of the database that was on the drive. A user would not be working directly with the database, they would be using a front end app. The database would not reside on the users computer but rather on a server somewhere, not only would the user almost certainly not know how to find it but would almost certainly not have access authority to make a copy of the database.
This is still a serious breach, don't get me wrong, I am not making excuses for the guy, he was clearly wrong. If he worked for me I would fire him without a second thought but I don't think it was a stolen for identity theft.