The story
I become a victim once a year or so, it is mainly because I used the same password on multiple sites.
One of those sites got hacked, and all passwords were leaked, so my password was on the internet in plain text together with my email address. At that moment I realized that I should use a password manager and have a unique and complex password for every website.
I also changed most usernames/email addresses to unique ones so if my email/password gets leaked I only have one specific email account leaked. So that’s safer than using the same email on every website (also because of tracking).