Another case that just happened, where the code was compromised, and automatically sent to the customers who had auto-update turned on.
Considering the software breached is a Enterprise Password Storage solution, I would expect that a lot of sensitive information has been leaked.