Unfortunately, I had the same problem with my Gmail account. I can't speak for the AOL account, because, the nature of passwords allows them to be brute-forced, or, eventually cracked. You have another option with Gmail accounts though. It's called two-factor authentication. Here's an excerpt from the wiki page regarding two-factor authentication:
(TFA or 2FA) means using two independent means of evidence to assert an entity's identity to another entity. From a security perspective, the idea is to use evidences which have separate range of attack vectors (e.g. logical, physical) leading to more complex attack scenario and consequently, lower risk.
AOL offers two-factor authentication, but you have to pay for it. Frankly, I believe all those that do not have stronger password XXXXX are at risk of another attack, but it's a chance others don't yet see because they haven't been inconvenienced (hacked) as of yet. It's one of those things that, unless it causes you pain, will most worry over - however unfortunate the facts may be.
That said, I can help you setup two-factor authentication for your Gmail account to help greatly reduce the risk of having your account comprimised again. Some great news - if you have an iPhone, you can download a free app called Google Authenticator. Simply search and install from the App Store on your iPhone to get it.
Once done, here are the steps to setup the two-factor authentication for your Gmail account:
1. Download and install the app for your smartphone: Android, BlackBerry, iOS
All you need to do is install the app. The Android version will also require the Barcode Scanner app from ZXing (which is free, and tremendously useful.)
2. Visit the SMS AuthConfig page from Google found here: google.com/accounts/SmSAuthconfig
3. Use the smartphone app to scan the provided QR code
Once you open the Google Authenticator app, you can scan the QR code provided and it will instantly spit back a verification code.
4. Print your backup codes
5. Set up backup authentication via SMS
In the next step, you can put in a telephone number for SMS. If you ever lose your authentication keys, you can have Google send one to an authorized device via SMS. To set it up, put your number in the box and click “send”. Type in the code they text you.
6. Set up application-specific passwords
Some Google applications don’t honor the two-factor authentication seamlessly. However, you can generate application-specific passwords that protect those apps. Once you turn on two-factor authentication in the final step, you’ll be logged out of your Google account. Log back in using your normal password XXXXX your new second factor (the number generated from your smartphone). It will tell you that you may need to create application-specific passwords.
There are only a handful of malicious code that Macs are susceptible to, so the chances of your Macs being comprimised are pretty slim, but I say one can't be safe enough. I use anti-virus on my Mac, more for the benefit of those I email who are mainly PC users to ensure I'm not spreading malicious code that may have been sent from someone who sent me an email before I forward it along. Most anti-virus software for the Mac will do just fine, but I'm anal when it comes to applications hogging valuable resources from my Mac. The one I chose that seems to have the lightest footprint in terms of CPU/memory usage is Intego VirusBarrier. You can download it by typing VirusBarrier in Macupdate.com's search field if you so choose.
I believe with two-factor authentication & anti-virus sofware, you should be set. Let me know if you have any other questions/issues.
**** IMPORTANT ****
Please note I am now providing you with the option to Accept by placing an Accept button as an option. Here's what you need to know before you click ANYTHING: I do NOT want you to click Accept if the suggestion/Answer I've provided does not resolve your issue. I don't want to get paid for my work unless you're 100% satisfied. Also, please note that if you decide to click Accept and you have a followup question, feel free to use the same link you were given to that particular question and I'll be glad to assist you. If the question isn't relevant to the original question, please use the bit.ly link in my signature to open a new question with me. Thanks!