This can be helpful but you have to use the terminal. We are going to look for the right dates in the system log file. After we found the first hit we continue investigate what USB identifier number it has.

First of all open terminal from spotlight or Applications/Utilities/Terminal.app

Switch to log directory by:

$ cd /var/log

Check current log file after the date before the device got stolen.

$ head system.log

If not the date or the time is correct continue analyze older files. First command gives you how many log files you have starting with the name "system". And after you found out how many files you have then you have to do same as before. Check if date is correct with an other command.

$ ls -a system*
$ bzcat system.log.xx.bz2 | head

After you have found out the right log files continue with checking the time.

OK, now you have found the right file for the correct date. Lets try to find a correct identifier number.

$ bzcat system.log.xx.bz2 | grep USBMSC

The output should be easy to understand like this one.

Jun 23 10:59:09 kernel[0]: USBMSC Identifier (non-unique): XXXXXXXXXXXXXXXXXXXXXX

If you think you have found the USB Identifier, make sure to control if it's the right one before you assume who stoled it.

Use the same command as before and try to find the same Identifier in newer log files by this command

$ bzcat system.log.xx.bz2 | grep XXXXXXX ( the usb identifier number ) 

You should not be able to find any results but probably in older files if you have used the USB device more than once.