K. Chen gave a talk which demonstrated a proof of concept attack using HIDFirmwareUpdaterTool to insert code into the firmware of Apple keyboards allowing an attacker to record keystrokes. The attack does require physical access to the machine. It is important to remember that all input devices that have firmware can be attacked and it is possible to record information from the device. This is true of wired and wireless devices, a trip to the local Radio Shack and some basic skills a keystroke recorder/interceptor can be constructed. 

The best defense is to restrict physical access to your devices, organizations should control physical access to their offices always.