Same here, I haven't checked my email since I don't have much activity on stake this past few weeks. I could say that my idleness saves me from possible phishing attempts. Though it is quite surprising that $10m is stolen from hacked accounts. Aren't they activating their security options? This is just a user data breach and not an internal system hack, so it is somehow impossible to lose a significant amount due to phishing if 2fa and other security feature is enabled by the account.
Yes, it's a bit dubious somehow he collected $10 million whereas every account that has a balance must have double security like 2fa or OTP
I don't know if he managed to collect such a big amount but we can't say it's not possible, since the 2fa key is the same one for login and for withdrawing funds on Stake. 2fa codes change every thirty seconds and are usually accepted during 1 or 2 minutes by websites, so if one phished user enters his 2fa code to try to log into the fake Stake home page, the hacker can steal this code and use it during several dozens of seconds and even minutes to enter into the account of the victim and to withdraw their funds.