Sorry for posting here, i don't know where i should post about this.
The story is.. That i created an account on GOG like 2/3 week ago. Bought a game that was cheap there, 1 day later i got an email that someone tried to acces my account on GOG (the guy couldn't login because i had protection on). I was 100% that this wasn't phishing. Did a search about it and had to change my password.
Then i realised if my email/pw got leaked so i checked ihavebeenpwned and yes my email and pw got "data breached". After doing a check on my email, someone also tried to login to my email, he couldn't do it because offcourse i didn't use the same password on my email.
So i got a bit paranoiac and did a adwcleaner + malwarebytes check on my pc and couldn't find anything. So i think i'm safe from anything such as keylogger right?
I know which password he used, so what i did was check if i used that pw on important websites/apps and i changed it. Just to mention yes i do have and use 2FA and SMS protection and such things on all websites/apps i use (if they have one). So it's kinda impossible for them to hack it. Unless they got into my IP adress. But i doubt it because i don't use search risky stuffs. My day is just Youtube, Twitch or Gaming.
What i don't understand is, today the guy tried to acces an website that i even don't remember i used and would like to know how they know i have an account there? Is it just a guessing game or do they have a list of it?
Is there a reason i should still be paranoiac about it?
Like i did change my passwords on the most importants websites/apps, Did a malware scan and adwcleaner.
Also is there enough reason that i should change my mail?
I hope i can feel 100% sure and chill :')