Not determined yet, but based on the 2 devices where the seed was stored, one being a Windows 10 device, my guess is that the seed was somehow compromised.

https://cointelegraph.com/news/monero-community-wallet-loses-all-funds-after-attack

Problem is they can’t trace it… since it’s Monero 😂

Bad opsec or inside job.

Would like to give the benefit of the doubt, but we'll probably never know for sure.

Silverlining - this has sparked a lot of conversation and change how CCS proposal funding is done that minimizes trust in the holders (multisig) or straight up don't require them at all (direct funding from community):

monero.observer/cypherpunk-transmission-017-rethinking-monero-ccs-cypherpunk-proposal

I'd prefer the latter and like this proposal