A. I don’t work for Apple. Almost nobody here does. These are user forums - fellow Apple product users volunteering their knowledge to help others.
B. There is nothing Apple could do. If someone has access to your bank account and uses it via online access, no merchant has any means of knowing it’s not you using the account. The issue is between you and your bank as to how you secure access to your accounts.
C. One mechanism to deal with such theft sounds like the one you already experienced. The bank refunds your fraudulently accessed funds. Just like credit card companies don’t hold you responsible for illegal purchases on your card.
But online merchants have no way of knowing the individual human being using any given set of online credentials so if someone hacks your online account, they are using your login credentials to use it and thus appear identical to you when doing so. That’s why things like strong, unique passwords and 2 factor logins are important to protect your online accounts. Once someone has your online credentials, to any online system, they are you (until you notice the illegal use and alert the bank or financial company who issued you the account that has been hacked).