@Xeno1234
Have you tried to provoke api key?
Steam for example let third party websites to store & use steam account api key for login. Api key will let unauthorized users to bypass 2fa security method.
Try: Reset your router to default. Clear cookies and data on all your computers. Scan the computer for virus. Make another clean email on another virus free computer or smartphone then use virus free computer or your phone to change your email.
Disconnect this account from all password stored/saved application or service.
If you use phone number to confirm your 2fa, then try google voice # or another person phone number you can access physically to confirm your 2fa and monitor if your current phone number got double sim hijacked.
Contact the support team. I believe they have a way to brute force logout your account on all devices, and give you a new 2fa code.
Do you have any backup email linked to this account? If so, disconnect all of em or make another clean one.
I doubt that you are a victim of double sim hijacked.