…is why you should use strong passwords. My guess: the guy got a bunch of emails and passwords from other hacked databases and just tried them. That or he just guessed easily guessable passwords. Pick strong passwords. Never reuse them. Make them long and random. Use a password application to remember them.
Image from Gwyneth Anne Bronwynne Jonesvia flickr