Huh. I was actually tech lead of the team at Google that implemented the anti-hacking feature you saw. Good to know it's still working!

Your password sounds strong, but was it ever used for anything else? In particular, was it used for any websites? The fact that someone knows the password to your Google account strongly implies to me that it's due to a hack or password leak from somewhere rather than an issue with MultiBit itself, but we still should get to the bottom of it.

Making a backup doesn't reduce the risk of getting hacked, it increases it, because to hack a wallet you need both the password AND the wallet file itself. So the more copies of the wallet that are lying around the easier it is to satisfy the second condition.

Did you import any keys to your MultiBit wallet from anywhere, or did MultiBit generate them?

The ps output you posted is truncated. It's really the last column that's most important. You can send it to me in a private message if you want.

I wonder if we need to bump up the encryption strength. Ideally it would take several seconds to decrypt the wallet and I don't remember MultiBit taking that long.