npub1h9h9q524k50xcy2m7k3swyeuu7d0cq728vtqwzmx70vvepxja0kslutyrn (npub1h9h…tyrn) We can assure you that Proton's infrastructure has not been compromised, and that these attackers didn't get anything directly from our servers. Even in the unlikely event this happens, attackers wouldn't be able to gain access to the actual emails in an unencrypted form because of zero-access encryption.
The attackers likely got access to the victim's credentials from the victim (phishing attack, social engineering, a compromised device, etc.).