How likely this is to occur I suppose depends on your industry and who you are.
I know if I had a work phone and I lost it ... and I didn't report it within hours I would be in some serious shit, possible civil litigation and even potential criminal implications for failure to report it.
I have always had a strict work or personal policy. I did break it at the start of COVID, but out of choice. The client I was connecting to used VMWare horizons and couldn't care where you connected from, everyone was a hacker until proven otherwise by 2 layers of MFA. You knew where you stood with that.
However I did allow my Windows PC to join the company O365. Which was still permitted back then. This was just to gain access to "Teams chat" and email.
The company got bought, that policy revoked, VPN only for O365 connection. Work laptop was mandatory. I removed it from the PC and other than being a bit confused when I wanted to log into microsoft as myself I never seen any bother.
Really big customers, their security is so tight you, yourself feel safe. They are under so much regulatory scrutiny and are so massive if they make any mistake with YOUR data you can sue them for tens of thousands and they know this. So they are usually pretty clean and when they are going to eves drop on you, they tell you up front when.
It's the middle ground, the startups and the exclusively USA based companies that are the real threats to home network security. They still have the YOLO, your data is now mine approach. They don't have clear privacy boundaries and if a single devops or IT guy wants to record your microphone or turn your webcam on, who's to know right?
So, when I got a few of these customers laptops in and onto the home Wifi I got hacked by them. Mostly the MacBookPro auto discovery services, but it was getting awfully close to the loosely authenticated HDDs where I keep my Pron! A customers laptop!
This is when I learnt how to VLAN and segment my network.
Only this morning I had to fix one of the two work laptops. One of them has a fixed endpoint address for it's VPN and tunnels everything including DNS over it, the other uses local DNS and only puts O365 and other traffic over the VPN... it's DNS was broken. I was redirecting their DNS traffic to PiHole to kill ads. Turns out my PiHole just isn't interested in helping the guest network this morning, most likely because I redid the entire lab/office layer 1 last night, taking out every cable, moving the switches and routers and replacing the cables again. I expect a guest VLAN tag is set wrong on the DNS server.... although they did get DHCP. Odd. But I removed the redirect and it's happy with 8.8.8.8