wiredmikey writes "Vodafone Germany said on Thursday that an attacker with insider knowledge had stolen the personal data of two million of its customers from a server located in Germany. 'This criminal attack appears to have been executed by an individual working inside Vodafone,' the company said in a statement provided to SecurityWeek. 'An individual has been identified by the police and their assets have been seized.' The company said the attack was discovered on September 5, but said authorities had requested that the breach remained under wraps while an investigation was conducted. The data accessed by the attacker includes customer names, addresses, gender, birth dates, bank account numbers and bank sort codes, the telecommunications giant said. Vodafone said credit card numbers, passwords, PINs, and mobile phone numbers were not exposed, and no personal call information or browsing data was accessed."