i am not familiar enough with these details but there is a closely related curve secp256kr1 - which i think was approved by NIST to become P256, if my foggy memory serves me correctly
nobody really uses it afaik, but the general gist i recall is "the deterministic generation process for the group makes it unlikely to have a backdoor" (wrt secp256k1)
The one you're remembering is secp256r1 - it was for a long time the most popular group in use for TLS on the internet. Plus a few other contexts, it was basically 'industry standard' until the DJB stuff (curve25519/ed25519) slowly took over.
(the 'k' is for Koblitz curves, named after Neal Koblitz. I forget what the 'r' stands for. The 'p' is for prime, i.e. prime order curve. And SEC = 'standards for efficient cryptography').
