According to the investigation conducted by Solana's team into the breach of thousands of crypto wallets, the affected addresses were "at some point created, imported or used in Slope's mobile apps."
Prior to this, Solana developers reported the attack was not caused by a bug in the underlying blockchain code, but was related to software used by "several popular wallets."
Solana Labs co-founder Anatoly Yakovenko has said anyone who has ever imported a passphrase into Slope can consider it compromised.
Slope has reported in a statement several wallets in the project have been compromised and that the team is actively investigating the incident. The developers "have several hypotheses," but have not mentioned the specific reason for the hack.