Square Enix has posted an important notice on the Lodestone regarding a continuing attack on their servers. The attackers are using information obtained by leaks from other companies.
We are currently experiencing an attack by a third party that is attempting to gain access to the Square Enix Account Management System by using a combination of email addresses and passwords that appear to have been obtained from other online services of other companies. – Square Enix
Change Your Passwords
Square Enix has locked the accounts of customers that they have identified to have been compromised and have sent an email to them. However, they are still recommending that players even those that did not get the email to change their passwords. You can change the password by going to https://sqex.to/hpxjY.
Another thing you can do to make your account safer is to use One Time Passwords. You can use your Smartphone to do this via a Software token. For more information please see this article.