Inside Job.
What benefit would an attacker have freely publishing passwords? These are commercially traded commodities.
This has all the hallmarks of a disgrunted employee, rather than an external attack. It's either somebody who has been disciplined/sacked and wants to cause trouble, or somebody who has got fed up about banging on about poor security/operational procedures and wants to to a 'told' you so.