They won't hack someone for 25 bucks (not even $25k). I had an account in the hold time and I remember someone successfully logged in (despite I use strong passwords etc) During the same time I saw a wave of people with the same problem. So I deducted a leak was ramping somewhere. Bittrex never communicated about it but It's probably your case too.

By the way, Bittrex died long ago when they changed the TOS with verification.