This is actually fairly common. All emails pass through a variety of relay servers before ending up where they belong. Email hackers use "sniffer" programs to watch traffic on common relays and harvest addresses. There is a thriving black market on the "shadow net" in email lists. Most buyers use them to send bulk spam but some have programs that try and crack the passwords on various accounts then use them either for general mischief or to transmit illegal materials.
First, use a good password or actually a passphrase which includes upper and lower case letters and numbers. These are much more difficult to crack.
A password that is one or two words found in a dictionary can usually be cracked in less than a minute by programs designed for the purpose.
Second get a web based email account that has robust anti-hacker protection, I recommend gmail from google. They also have excellent spam filters.