[kitchenkarma]

It's a bit naive thinking that employees would store their electronics in the lockers. Even if you have spot searches (including cavity search) it still doesn't exclude rogue employee just "forgetting" to store his or hers camera in the locker.

[braythwayt]

Nobody in that business was naïve. Employees did not "forget," if they were caught with their phone in the secure area, they were fired. I was told right up front that certain things were zero tolerance, and everybody knew what they were.

They took this very seriously.

Now when it comes to a deliberately bad actor, well, nothing is 100% perfect, but there were many other security things going on that I am not going to describe here, plus I know for a fact that there were security measures they did not disclose to me.

But let's face it: Somebody, somewhere, can train themselves to memorize a screen full of information. They could memorize something, go for a smoke break, and upload what they memorized. Lather, rinse, repeat.

The point I made, and am still making, is that some companies care enough to do everything reasonably possible to keep customer data secure, while other companies do not. The company I described here cares. I believe Apple cares too.

I suspect it will always be possible for someone to pull a small data heist, but extraordinarily difficult to set up a regular pipeline to exfiltrate data. The weak point is probably the digital systems. Most attackers would want everything, and the way to get everything is with a vulnerability.