Be really careful right now if you have someone telling you this. There are multiple ways how this could be a scam to trick you into giving them your seed or private key.
You may get fake email, or fake chat from a "friend" that tries to scare you.
In general no one can guess your private key unless you make some mistake and leak parts of your key (e.g. via using hacked software, storing it on your online connected device, etc). They can also try tricking you by modifying the website that shows how much bitcoin you have or similar.
In the case where you believe that they actually may be in possession of your private key (again that they in some way stole from you, hacked your machine, or you used hacked software...), first take a breath. Don't do any panic induced actions. Don't follow the steps they are telling you.
Strictly hypothetically speaking, if someone found one of the¹ private keys that match your address, they can spend your funds.
¹P2PKH, P2SH-P2WPKH, and P2WPKH use a cryptographic hash function with a 160-bit result to form the address. Since there are just shy of 2^256 private keys, for each of these addresses there exist about 2^96 private keys that can spend the funds. Luckily 2^160 is still an humongous number and a collision is astronomically unlikely given the key generation was reasonably random.
The chances of somebody "calculating" a specific private key for an address with funds is astronomically small, so small you can be broadly accurate in defining it as "zero". The chances of somebody who is telling you this being a liar is far, far more likely.
If "someone" has your private keys he would've stolen your btc already. How sure are you that's real? If you have doupts just change to a completely different wallet (new seedphrase) asap.
If they have a fitting private key, they can use it to sign the transactions. Hardware wallets house the keys generated via seed phrase generation, etc. This hypothetical person could have used your seed phrase to generate the private key on another hardware wallet. There is no mutual exclusivity between hardware wallets, meaning many can be loaded with the same private key derived from the same seed phrase.
Anyone more knowledgable than me, please correct me if I made any mistakes.
If that was possible nation state actors with virtually unlimited funds and computing power would be slurping up BTC left and right, and we wouldn't be here now.
If that was possible, the world’s infrastructure would be completely vulnerable to the same actor. Stealing UTXOs is not the way to make the most out of a way to crack SHA256.