As you already know, this is suspicious.
First, make sure that you use a different password on each service that you use. Reusing passwords across platforms is a major, and very common, security vulnerability. It allows someone to access everything, if they know/guess/obtain that one password.
Second, make sure your email password is very secure. Make it a long password. Make it easy to remember and type. (I advise people nowadays to think of it as a passphrase rather than a password, and to use a sentence. Don't make it a famous sentence like "Frankly my dear I don't give a damn!" but rather something that you can remember (or would like to remember). "I got my first, real, kiss during summer break when I was 15!" or something like that.)
Finally, consider getting a new email address and using it just for your most important accounts, and don't tell anyone about this email address. (Important accounts are banking, credit cards, etc. I would not consider anything linked to a credit card (Amazon, e.g.
) as important, as you can just cancel the card.)
Go to https://haveibeenpwned.com/
and enter your email address. It will tell you if your email address has been part of a disclosed data breach.
Avoid services that don't allow you to pick your own security question(s). (I'm looking at you, iCloud.)
Consider using a password manager. Here's a list of some good ones: http://www.pcmag.com/article2/0,2817,2407168,00.asp