Normal humans can only change your passcode if they know your old passcode. There's a one in 50,000 chance that a random person can unlock your phone using their finger print, and a one in a million chance that they can unlook your phone via FaceID, but that doesn't help: iOS only lets you change the passcode after entering the old passcode.
Now an organisation like the NSA might or might not be able to get into your phone without knowing your passcode. But they are not stupid. They would extract everything they want from your phone, and restore the old passcode, so you would never know it happened. And they'd need to get hold of your phone for some time.
So the sensibles explanations are that someone managed to find the passcode (looking over your shoulder while unlocking, finding the passcode on a piece of paper, or trying the passcode 1234), and pranked the person. Or they just forgot their passcode. Or someone swapped the phones for a prank - if I give you my phone then you will also find that your passcode does't work, and later I swap the phone back.