Which is pretty weird, because thieves aren't known for stealing testnet bitcoins.
Right. A hacker stealing testnet coins actually warns about using a fake version of electrum. No hacker would do that.
Did you try out some brainwallet, or used a locking script which has a publicly known unlocking script? There are some bots that search for known private keys in the mempool and withdraw any sent coins immediately.
OP already said that he generated the private key through a brainwallet and used so simple words. See
this post.