Hi appreciate all input, also advice. Will see that the seed is not any where near a keyboard/laptop/computer or a cheap safe power tools is another question but something a 5 $ wrench wouldnt do much too.
The electrum number was generated as a result of a google search, have briefly surfed through the electrum documentation and it seems they have set it all up perfectly to not need input from a 3rd party. Which could always be compromised as an attacker could find what methods or platforms are being used to support customers and imitate a worker. Should have looked into it more thoroughly
I was less thinking on the compromised side of things and more a glitch, when there are two devices that have joint access it could become apparent this is the reason not a vulnerability that another has gotten something from. The balance was there for an extended period though what made me question had time to get a quote of amount through preev and come back to it.
A very helpful member of this community screened the txid and put to rest abit that it was sent to a wallet of mine so im back to being an electrum believer
Regards