Poor sod; he probably got quite a ribbing when he went back to his colleagues.
One thing this also highlights is that a lot of "verification" or 2FA methods basically fall down flat when your phone is stolen. This can complicate things from merely disabling you from accessing services, to actually rendering you completely unable to convince companies of your identity without actually shoving some sort of physical proof in their faces.
It also interestingly points out whether we should be carrying somewhere the details of our devices, e.g. serial number, IMEI... and if so, where should they be recorded. Main point here is that many people most likely do not do this, and of course, being told that your IMEI can be found by dialling *#06# is pretty dumb when you are reporting that your phone has been stolen (or, when the phone is a brick).
Barcelona is a hot house for pickpockets. Whilst quite a bit of Europe you need to be vigilant (without sounding very hackneyed), there are some cities where you have to be on guard nearly all the time. Naturally, even though many people actually don't get stung and some just escape the "wrong place wrong time" very luckily, there will be times when either the robber strikes lucky and/or you just let your guard down, then you're the mark.
Of course, some places they just try and deceive you, and in others you end up going home to the family as air freight...
