Wordpress themes are not just design templates, they contain PHP code and must be validated before use. Not only because of bugs, but some may contain malicious code in there. Specially if you download from random web sites and not from Wordpress.org (not saying that every theme at Wordpress.org is safe).
One example popped this week, regarding the themes from http://hirewordpressexperts.com/. They added some hidden code inside their themes to track which sites are using them (and track the users as well).
However, their tracking server went offline and every site using it got this error on the sidebar.
My recommendation is to do not use any theme from hirewordpressexperts.com and always double check any theme you decide to use.
Some discussion here as well about them: