Solution:
Security of your VM, OS, and WordPress are your responsibility.
There are a zillion ways to get hacked. Your question has no details on how your systems are configured, what hack occurred, etc.
The Internet has many tutorials on securing Linux, securing WordPress, securing Google Cloud. YouTube also has good resources to learn from. Invest the time to learn how security works and how to protect yourself.
Regarding your competitors hacking you – maybe if they are naive or unethical. In general, it is often easy to figure out who did what, when, and from where. The experts that know how to cover their tracks won’t target your site as there are no financial or bragging rights. Most likely a script kiddie found an easy target.