The most common way this could happen is carelessness on the part of the wallet owner. Most times, wallet hacking and fraud comes from carelessly exposing your private keys, mnemonics, keystore or any other login details on phishing sites. Once this happens then it becomes only a matter of time before your wallet is hacked. My advice to anyone is to always try to be careful with the sites you access and the ones you put your details on.