It is unclear how this situation came to be. The usual obvious explanations (unencrypted hotspots and the like) don't apply, and the password should be hashed at the other end. Linux on this end, properly maintained, and no indication of anything amiss. There is nothing particularly of interest in my boring gmail, so it is puzzling that anyone would go to the trouble of computing a hash match.
Someone may have gotten your info from another less secure site and just seeing if you had a gmail account using the same username/password?
No trouble. Rainbow tables. Precomputed values that match the md5 hash of your passwd. Stored “in the cloud”.
hacking is a scattered approach, they have likely programmed a computer to hack hundreds or thousands of emails at a time
To make it harder for the bad guys in the future, try using Google’s two-factor authentication. After anyone logs in successfully with your username and password, Google sends a code to you by phone, text, or email. You can proceed only if you enter that code.
With two-factor authentication, it’s much harder for the bad guys to take over your account.