You often hear about hack attacks.
Every system that you need to log in to has a database somewhere that contains your username or email address and your password. If they're not incompetent, then the password is stored as a "hash" (which means it's scrambled by a mathematical function that makes it hard to decode).
But if someone does break in and get access to that database, there's every chance that at some point they'll be able to figure out what your password is. And then they go and stick it up for sale, next to your email address.
Your friendly neighbourhood hacker buys this information and then uses that to try other sites – reusing your email address and password to see if it will let them in elsewhere.
Which is why you should never reuse the same password on multiple sites.
Take Action: Go through the sites you use most often and give each one a unique, hard to guess, password. One way of doing this is to use a sentence related to the site and take the initial letters from each work – and add something else that's hard to guess to it ("Instagram Shows Lots Of Selfies" and your friends birthday before and after – become 1710islos1980). Then you just need to remember the sentence (which is related to the site) and your friend.