> How did you know the account was hacked?

Thunderbird, which I used almost exclusively at the time was unable to login, then I tried it via their website which didn't work.

I contacted support, and they told me that someone has changed the password and logged in since. They gave me the option to get my account back, by providing a scan of my ID or passport, which I did.

The hacker never contacted me. I do not know to this day what his or her goal was because the attacker didn't send or receive any emails with my account. I believe that the attacker got access to a large batch of accounts and he simply couldn't find a way to contact me via Internet. (I didn't use Facebook or other social services at the time)

> Did you have a secret question that could have been guessed?

I never used the secret question option on any service. Whenever I'm forced to enter something, I enter senseless garbage like "jkanshbuicbwnaiubdaibvjabfuzabfnbi" precisely because I think that secret questions are unsafe and dangerous.

> Do you know what phishing is? Would you have ever fallen for it?

Yes, but I have never shared the login data with anyone and when I logged in on other machines (which I did rarely) - I used a browser that I had on my USB stick for that (which was encrypted)

> Is it possible your saved password was stolen by malware?

I do not have any reason to believe that (I never had a malware problem that I know of), but obviously I could never rule that out. But on the other hand my GMX account wasn't really important. There were accounts that the attacker could have used to steal money from me (for example: PayPal), yet I have never lost access to any other account.

Like I said, I still can't rule out the possibility (nobody could), but I believe that I had a reasonable setup at the time. I used the GMX website (rarely) via a browser on my encrypted USB stick (which I still possess) and had a Thunderbird setup with POP3 at the time so I wouldn't have to login.

Hope this answers your questions.