I'm sure they have invested so much money in security or at least a good opsec 24x7. But how can you protect when in light of some news that the hacking incident was supposedly with the help of someone inside?

They offered some bounty to capture the culprit but I guess they really need some internal cleansing as well. Screening their opsec should be the order of the day for them, removed the bad eggs and replace them with people that are not 'blinded by money', so to speak.