RE: LEAK -- compromised ACTIVE key successfully protected

How are keys most likely compromised, is it phishing, lack of knowledge by the user, or more code related?