Not determined yet, but based on the 2 devices where the seed was stored, one being a Windows 10 device, my guess is that the seed was somehow compromised. 

https://cointelegraph.com/news/monero-community-wallet-loses-all-funds-after-attack

Problem is they can’t trace it… since it’s Monero 😂 

 they did what tracing they could (since they had the private keys and all)

heres a link to the postmortem

https://moonstoneresearch.com/2023/11/03/Postmortem-of-Monero-CCS-Hack.html 

 Why did the buffoons store the seed on a Windows machine?