“This criminal attack appears to have been executed by an individual working inside Vodafone,” the company said in a statement provided to SecurityWeek. “An individual has been identified by the police and their assets have been seized.”
The data accessed by the attacker includes customer names, addresses, gender, birth dates, bank account numbers and bank sort codes, the telecommunications giant said.
Vodafone said credit card numbers, passwords, PINs, and mobile phone numbers were not exposed. No personal call information or browsing data was accessed by the attacker.
This incident, along with recent headlines created by NSA leaker Edward Snowden, remind us that the insider threat is alive and well. However, while insiders are an important threat to protect against, Verizon's 2013 Data Breach Incident Report (DBIR) showed that insiders accounted for only 14 percent of the data breaches included in the report.
Source
