@Artgirlofnm @xvisto: While it might not appear in your access history, your access history is correct. We only display 30 days of access history and in some cases, the unauthorized access happened before that. Once we learned about the the malicious activity pattern, we notified users. If you were notified, it was because we found evidence of this pattern on your account. Please change your password as soon as possible and be sure to revoke all connected applications. The person that accessed your account also created a personal developer token that may still be present under Settings -> Applications. Please make sure that is no longer present and revoke it if it is.
@xvisto: We don’t know how someone learned your password. This is not related to the password reset in 2013.