The hacker was a person "with insider knowledge" of the company's infrastructure - no word yet on whether it was an employee - and has already been identified by the law enforcement agencies involved in the investigation.
The breach was discovered earlier this month by Vodafone, and the company immediately shut down access to the server and began investigation with the help of the police and independent security experts.
Affected customers have only recently been notified by email, as the authorities didn't want to jeopardize the investigation by making the matter public too soon.
As it turns out, not credit card information, passwords, PIN numbers, mobile phone numbers or connection data has been compromised, and the stolen information isn't enough for attackers to gain access to the users' online banking accounts.
Vodafone is, nevertheless, urging affected users to check their bank statements regularly, and to be wary of phishing attempts via email or phone, in which attackers impersonate Vodafone and try to get the users to share their credit card information or account password.
"The company has IT systems that meet the highest possible standards. These are regularly updated and expanded," Vodafone noted (via Google Translate), adding that they will take all necessary steps to further improve the security of the systems and to protect them from future criminal attacks.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.