Hacking via Developer or Security researcher device

See If you think your Apple Account has been compromised - Apple Support

Your device has not been hacked but your account credentials may have been, especially if you reuse passwords and have not enabled two-factor authentication.

Number one reason is that you have been a victim of a phishing message/email and turned over personal and/or financial information to someone pretending to be Apple or your banking institution. They will make all kinds of crazy claims to get your information and even tell you that your device has been hacked and they are going to help you.

Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support

In addition to the information from muguy, you will also need to change your passwords on your bank account and make sure you have two factor authentication on those accounts for security. NEVER call a number or click a link from and email/message and provide ANY personal information. It makes no difference how convincing the message is. If you want to communicate with your bank, you call them using a number that you know for your bank, not that was sent to you to call. Apple is not going to send you an email/message with a number to call them.

The solution is to secure those accounts and enable Two Factor Authentication with Trusted Phone Numbers. I would recommend to use a Trusted Phone number that is not one provided by your cellular provider in case that account was compromised too.

• To secure your Apple Account, follow the link by muguy.
• You can also view any other device that is signed into your Apple Account by going to Settings > [name on top] > and scroll to the bottom of the screen to view those devices. Tap on them to delete, and then change your Password. If you signed into a TV with your account at Hampton Inn, then that TV will be listed there and you can remove it from your account. Changing the password prevents it from being able to log in again.
• Go to Settings > General > VPN & Device Management, and report back if you see any Profiles listed there. Developer Profiles can be installed there, but only by a person that has physical access to your device to do that, and they cannot be hidden.
• Secure your account with your Cell Provider, including by making sure no one else has account access.
• Change any third party email Passwords and also secure those accounts with two factor authentication.
• Of course, any financial accounts need to be changed, and I am sure you have already done that with a previous compromise. Access to that account needs to be secured and you should assume that a previous email used has been compromised, so do not use that same one.
• Never reuse passwords across accounts.
• I would even go further and create a new email account and Factory Reset your device and use that email as a new Apple ID. After that has been done, you can delete your previous Apple Account and all data associated with it.

See the previous link if you think your Apple Account is compromised.

you clearly did not actually read what I wrote , as you said all the blame the victim rhetoric I was speaking too, then you made assumptions , stated that as fact, you way off the mark. It’s not isolated to Apple, it’s accross the IoT , Apple ID also the targeted platform as is Google. Both Apple and Google have been Super supportive thru thus challenging endeavor, with could say the same for TMobile -ATT etc. you even told me how it happened??? I have been living this for almost 2years , I have a doctrine in Hacking survival, I was not caught in phishing expositions , would not matter if I was , as the code they used can be click free . It’s realeased thru animation they an email that goes to the cloud , the user does not even see it ,I was also using a secure ID , you are only as safe as the platform - you can made it more difficult , but if you’re targeted is easy and unavoidable, anyway my issue landed in my lap after a stayed in a Hampton In -and used my computer , logged into my TV apps and You tube, now they had my ID . Credit card , passcodes , their captive WiFi was a weapon of theft, that was the beginning and I did not discover that until 8 months after checked out, please re-read and see if you might have a question for me , know one can understand the full ramifications of this ordeal unless you have been in this situation.