-snip-
Even if OP did not make any additional mistakes beyond storing his seed phrase on the cloud, or was using a perfectly clean computer on his own private WiFi, his seed phrase could still easily have been stolen from the cloud. We have no idea how many servers around the world OP's seed phrase was copied to, how secure those servers were (physically or digitally), which Google employees or third party employees could access them, how robust their encryption algorithms are, and so on. Google don't exactly have the best security practices, previously being caught
storing passwords in plaintext for 14 years. This is why cloud storage is always a risk - you have absolutely no idea who else can access it.
Ideally you'd check every last character of the address.
There is no real reason not to do this. It takes a few seconds at most, and guarantees your security. Checking only the first ~3 and last ~3 characters still leaves you open to a small risk of theft from clipboard malware, and this risk will only increase over time as hardware becomes more powerful and vanity address generation becomes quicker.
If I understood you correctly, only BTC was stolen with the help of clipboard malware - which means that you had to make a transaction in which the malware replaced the address, and that the seed was not compromised.
No, I didn't make any transactions at the time while I was waiting at the airport.
There is absolutely nothing stopping your laptop from having multiple different pieces of malware on it, one which will change your clipboard and another which will steal your seed phrase. Indeed, the fact that you have one piece of malware on your laptop increases the risk of you having others, since you clearly do not have the best security practices or behaviors. I would be formatting that laptop and starting from scratch.