It's quite simple actually for a hacker to hack 98% of the population.
If your password is related to a credential of yours, something you would put on a hospital application or such, it is extremely easy for them to guess it. They don't even have to try every permutation of letters like they might have to. Hence p3anu+01l5uck5 is not a good password.
They can also try to hack another account, and since 94% of the computer-literate use the same password everywhere, it's insanely easy for someone to get your password if they can hack a low-level forum site you use that password.
And those are just the easy ways. There are still more advanced techniques (phishing being the biggest one, but there's also brute-force/dictionary attacks, viruses/spyware, simply someone watching over your shoulder, or even as complex as blackmailing Google with even more account information) they can use.
But it's also possible that you forgot your password. It's hard to tell the difference nowadays.
And if this ever happens again (hopefully not), or anyone else, Google has a form for this purpose.
You could be in one of the following situations:
- you could have a keylogger/trojan on your computer;
- you could have logged in from a computer that had a keylogger/trojan installed;
- you could have been a phishing scam victim;
- you could have used a service that required your gmail account password (less likely) and they either store it in plain text and got hacked or were just rogue and sold/used it.
Now, you should:
- change all the passwords that you received on your gmail account, for each service/server;
- get in touch with any financial organization (e.g. banks) that might have sent you sensitive info on this email - if that's the case, follow bank account and credit card movements.
And last, you should switch to 2-step verification for your gmail account. Details are on gmail blog: http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html
Also, make sure your computer is clean - no viruses, trojans, keyloggers.
Edit:
It's also possible that you have the password stored in plain text and that file got somehow misplaced (trojan, file sharing error).
Best Answer
Some time ago I read this feature on a wishlist for gmail. I don't think something like that has been implemented yet (haven't find anything 'new' in my short research).
But you might go for the 2 Step Verification - it's pretty awesome.