The new thing is to break into a forum, steal the passwords and usernames (emails) and then go try the same user/pass in other places.
Using the same password over and over again sets you up for disaster.
LastPass, one of the Cloud Based password tools got compromised with a pretty bad security hole. This is by no means unique and is barely unusual among those tools.
What I do, is I have a file on my email (but should move it to my phone) with a password list on it, using a code that lets me remember what password it is for but isn't obvious at first look. So, for Facebook it might be gc-72687. Where "gc" is the two letters after "fb". Then if the list gets compromised, you don't lose anything. And, you can carry the list around and use unique and reasonably long passwords.
Do not use the same password in financial stuff as you do anywhere else. Period. Same for email. If they get in email, they can reset lots of stuff.