In a recent information security audit, we noticed an inordinate amount of broadcast HTTP traffic - primarily from one XP workstation (traffic to/from an external address owned by peak10.com - a hosting organization). We looked again to be sure we didn't have any rogue hubs in the network and then asked the bank about the situation. After we gave them the specific workstation name and address, they discovered a user was listening to streaming Internet radio. They then had to look into why their Internet content control wasn't blocking like they thought it would.
The interesting part of this is the fact the traffic was being broadcast throughout the whole branch network rather than just her system. Of course, the Internet bandwidth consumption would normally be of more concern than the local network traffic. However if there already had been a problem with the LAN, this could have made it worse.