Are you sure the email was sent from blockchain.com? Are you sure the fund was stolen before you opened that email? Maybe, that was a phishing email. (This is just a guess)
How did you open your blockchain.com after seeing that email? Did you go to blockchain.com as before or you clicked on a link sent via email?