I don't think there is any conclusive evidence that any of these services were "hacked" in the sense they had security problems that were exploited to gain access to the accounts. I think it is far more likely that it was either phishing or just really dedicated snooping/detective work to find out account names, then brute forcing them with common password lists, or something else relatively non-tech along those lines.
Many people have very poor password security practices, and share the same passwords over multiple sites, or use weak or commonly chosen passwords. This makes your accounts much easier to hack. I strongly recommend using a password manager like KeePass. It makes it easy to have very strong un-guessable passwords for each account you have, while only needing to remember one password.