It seems that now you should not only use different passwords anywhere, but also different logins and emails, different credit cards and may be even different names, addresses and phone numbers. Just to be sure.
I use different emails, for everything. I manage my own domain(s), so I have anything @mydomain.tld. I'll usually give unique email addresses that identify, to me, the organization or service that gets the address. Occasionally an address becomes the target of spam, and I just kill off that address.
That wouldn't really helped you in this case, would it? The attacker got the account reset simply by phoning the customer service and making them send a password reset link to a new email.
Also how do you manage said X number of emails? Do you log onto each one of them, or do you forward all emails to one "master email"? If so, the master email is still the single point of failure.