Big companies like LinkedIn have all had data breaches in the past with hackers gaining access to the websites backend databases, they can gain access with outdated software, sql attacks and even staff credential leaks. Once these hackers have access to the Database they can then sell the Database dump which normally has millions of usernames and passwords or they can upload it to the internet to share with others.
You can find out if your email address has ever been compromised by using a website that holds a copy of the leaks and will tell you if you email address has ever been put on these lists.
Check out https://haveibeenpwned.com/
If your email address has ever been compromised it’s important not to ever use them old passwords again. I recommend using a password generator and keep a separate password for each website or service you use online.
Do not use family or pet names or your favorite football team as these passwords can easily be compromised. A lot of hackers use a dictionary of millions of commonly used password possibilities.
I recommend a minimum of 8 characters with alpha numeric and special characters, eg: D$gh*@1F
A lot of websites now let you enable 2 Factor Authentication, e.g you will receive a text or email with a code to login as well as your password. I highly recommend using this as well.