On June 18, 2016 an attacker began exploiting a vulnerability in the code of The DAO to siphon off invested funds using a bug that went unnoticed because smart contract coding is such a new discipline, which was even missed by a professional security audit performed prior to launch. Luckily the design of The DAO has resulted in these funds being temporarily stuck in child replicas. Nonetheless, without action the attacker will eventually secure a very large amount of ETH.
YOUTUBE JzCGRtGyxvY On June 20, 2016 Gavin Wood gave a presentation on the hack of the DAO smart contract.
Gavin's proposal for the solution written here pub