There were indications in August that some customers who were running the company's home security solution had been receiving calls from people claiming to be Trend Micro support staff, a statement from the firm said.
The information that these individuals said they possessed led to suspicion of some kind of co-ordinated attack.
"Although we immediately launched a thorough investigation, it was not until the end of October 2019 that we were able to definitively conclude that it was an insider threat," Trend Micro said.
"There are no indications that any other information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed."
The investigation showed that the employee had sold the stolen information to a currently unknown third-party malicious actor.
"We took swift action to contain the situation, including immediately disabling the unauthorised account access and terminating the employee in question, and we are continuing to work with law enforcement on an ongoing investigation," Trend Micro added.