Before OSX 10.10.2, apparently there was a "heartbleed" style info leak in spotlight where it "may save unexpected information to an external hard drive", according to http://support.apple.com/en-us/HT204244 (CVE-2014-8832). Probably related to this report: https://www.f-secure.com/weblog/archives/00002752.html