[ ... ]
As I understand it -- the thumb drives were issued to people at the Pentagon for transferring data which could (or should) not be sent over the net.
Also -- they *can* carry encryption keys or encrypted identification to allow the carrier to access (some) computers in the restricted areas. (I don't know that they were used in this way, but it makes sense.)
Someone loaded a bunch of drives of the same type and appearance with malware and dropped them various places around the parking lot.
People found them, wondered who had lost them, and to determine that, plugged them into their work computers to read who the owner was so they could return them.
Zap!
Now -- everyone is having to figure out how to do the things which the USB keys were being used for.
Enjoy, DoN.