Another "funny" detail is that the address of the receiver was actually written in the send box, in case this could mean anything.
Based on this I'd take a guess and say it sounds like they had access to the PC running multibit. This could be physically or possibly through some remote desktop/vnc/teamviewer feature. Do you have anything like this running? With the same password as gmail?
How many other services you use has the same password as your gmail?
How many other services you use has the same password as your multibit?
Password reuse is a big problem:
http://xkcd.com/792/