All the wallets you mentioned are close source and there is no way to know whether they have access to users keys or not.
Since we don't know how the keys are generated, everything is possible. It's possible that there's a vulnerability that help the hackers steal users fund.