Apple lists that configuration.apple.com domain as a Rosetta 2 update service:
Use Apple products on enterprise networks - Apple Support
As for the reported breach, you'll want to identify what you've done with your security and related in response.
Duplicating a device is a compromise certainly, if the passcode is known. What have you done in response?
The developer program provides nothing past the ability to debug on device and to side-load a limited number of installs and apps for testing, and that requires setting the device up as a debug device, or setting up for testing. It's not a master key, very far from it, or we'd all be swimming in malware.
Setting up the device as a developer device for testing involves cabling to a Mac, and authorizing the access.
Check for Settings > Privacy > Developer Mode both showing, and enabled.
If Developer Mode is not shown, developer mode has not been configured since last reset.
If Developer Mode is shown, then it was cabled and configured. That can be an issue, but shutting off Developer Mode and rebooting will clear it and its side-effects. (Past whatever has already transpired within whatever was side-loaded if anything, that is.)
Enterprise deployment can also involve installing a profile, as well. That's similar to what was discussed in the reply above, and discussed in the following:
Install custom enterprise apps on iOS, iPadOS, and visionOS - Apple Support
If there's no profile, then that side-loading hasn't happened here, or is no longer active here.
