Over this past weekend the credentials for several thousand Microsoft Hotmail accounts were posted online. Microsoft has confirmed the list was authentic, worked to get it taken down and deactivated the accounts. If your account was affected you can fill out this form to reclaim account access.
Then today Google told the BBC that Gmail had been similarly targeted. The BBC reported that they had seen a list with more than 30,000 names and passwords.
Microsoft says that the Hotmail accounts appear to have been compromised through "a likely phishing scheme," not through any problem in Hotmail. Google's response was similar: "We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including GMail accounts...As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."
Users need to be able to recognize illicit attempts to elicit their account information. The Microsoft blog linked to above has some good, general advice on recognizing phishing scams.