"Does anyone have a first hand example of their bank details being stolen over an unsecured
wifi connection and then funds being withdrawn from their account????"
There have been any number of reports of massive thefts and frauds against major retailers (offhand I think Home Depot was one) going back around 5? 8? years ago. Folks would just pull up in the parking lot, skim the credit card information from the unsecured internal
wifi networks in the stores, and have a field day. So yes,
commercial organized theft of data from unsecured Wifi is common, or has been.
Which is also why WEP has been obsoleted, it was at least five years ago that tools to crack WEP in under five minutes were published.
If you can pick a public location where folks use free WiFi, the odds are someone was, is, or will be sniffing for information.
Now, if you are using only HTTPS secured web pages, or you are using some other "end to end"
security scheme like a VPN, you can probably use unsecured wifi without any risk because--by definition--you have now secured it.
The easy alternative used to be using a cellular connection, but as was proven at one of the hacker conventions this year, all it takes is a $300 picocell (now commonly
sold as home cell boosters) and a little
work, and you can capture and decrypt any cellular connection in the immediate area as well.
There are plenty of white papers online.
Security is only necessary if you have something to lose. Or if you use one same username and password in multiple places, which led to weeks in hell for one of the authors at Wired after he got hacked by social engineering, and the clever hackers went to likely places and chased down his other accounts.