Almost everyone uses email, and many of us have multiple accounts with various providers: gmail from Google, Outlook mail from Microsoft, an address provided by a school or employer, or perhaps mail through a privately-owned domain. Every online resource for which we establish an account requires inputting an email address as part of the registration process. Most services will authenticate the registrant via the entered email address, ensuring the person registering is a real person and at least implying the same person owns the email address (access doesn’t necessarily mean ownership, after all).
Most applications and services also rely on that same email account to facilitate user access in the event of a forgotten username and password. That’s why protecting one’s access to email is so important–if a person with criminal intent gains access to an email account, they can gain access to bank accounts, credit card accounts, social media accounts, etc., and often with considerable ease. Just consider how easy it is to gain access to a site when you forget one of your passwords and it’s not difficult to understand how easy it would be for someone with access to your email account to do the same.