If you believe your email account has been compromised you need to take immediate steps to secure it by resetting your password. You should use strong passwords with a variety of characters and avoid using dictionary words or real names associated with you.
If you use combinations of the same passwords across various sites, then you will have to also reset those credentials. Check your spam/junk folders for traces of any password reset requests or replies to emails which have not been sent by you, as fraudsters may have tried to launch a phishing attack to your contacts.
If you use email programs or you get your email on your phone or tablet, you will have to swap the compromised details on each device for the newly created secure password. Consider all the implications of a compromised email account – think what information a third party would be able to glean from the emails stored in your account and take action as required.
Finally, make sure you perform detailed sweeps of your device to check for any weaknesses which could have facilitated the breach of your email account.
Please remember that if you are set up for paperless service with various organisations you do business with, they will use your email address for vital communications, many of which are designed to alert you of any unauthorised activity. Contact those providers directly to check if any changes or actions have been performed in the time your email account was controlled by the fraudsters.
If you are concerned about similar breach happening in the future and want protection going beyond strong, unique passwords, you could enquire with your email provider if they have any two-factor or two-step authentication solutions on offer for you to utilise.