How did this happen? I have no way to know for certain, but I have a theory. The Sony Playstation Network has been down for several days now due to some kind of attack. My username for PSN was my GMail account and I was stupid enough to use the same password (or at least they matched last week, I may have recycled back to it). I mainly use PS3 and PSN for Netflix streaming. I suspect that when the site was first down last week that intruders were intercepting logins and they got the username and password. My main reason to doubt this theory is that hacking PSN seemingly was sophisticated to do, so why would they use the information they stole in such an amateurish way as to send an obvious SPAM that alerted me to the problem? I have to think they downloaded all my email and information before they did this. I wonder why they did not also change my password as it seems like they could have done so.
It is fairly disconcerting to wonder what private information, such as credit card numbers, that I might have in my GMail archive. For now, I at least think I have safely updated all of my accounts so that the passwords are different on every site.
Update (2011-04-26): Sony has now pretty much confirmed that this all originated with the hack of PSN. See this blog post: http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/ Of course it was still stupid on my part to use my GMail password anywhere outside of GMail.