Hi there, sorry to hear you had your account hacked. 
Here’s some info posted by Epic detailing the hacking attempts (and successes unfortunately) being carried out by a group of Russian hackers, and what Epic is doing to combat it. There were large “dumps” of email account username (or email addresses) and passwords posted to some hacking forums a while back and the hackers use “credential stuffing” (automated injection of breached username/password pairs in order to fraudulently gain access to user accounts) to gain access to accounts on other websites that use the same password.
The hackers are targeting Epic account holders with payment options to fraudulently purchase Fortnite V-Bucks, which they are then reselling on some shady websites. Check your account order history by hovering your mouse over your name at the top right of this page and select Personal, then from the left panel select Payment History to make sure there are no fraudulent purchases. If there are please contact either PayPal or your credit card company to inform them of the fraudulent purchases, they will then contact Epic about it who will refund your account for the amounts listed.
To protect from any further issues:
1 - Change your email and then Epic account passwords
If you use the same password as your email on any other site change those passwords AND your email password immediately to prevent more accounts being hacked. See the security bulletin I linked above for more details.
2 - Remove saved payment info
Please make sure you do not have any payment options saved to your account, especially if you are getting the “unsuccessful login attempt” emails. You can add them back in when you need to buy something, but make sure you remove it again afterwards. Leaving this info stored in your account is a potential security risk that just isn’t worth it.
3 - Enable 2FA
Enable 2-factor authentication for your account. This is the best way to ensure the hackers are no longer able to access your account. Make sure you do this AFTER changing the password on your email, otherwise they will have access to the security code.
4 - Check other email addresses on have I been pwned
The haveibeenpwned.com website will allow you to see whether your email address has been included in any of the data breach “dumps”. If it has you do not need to stop using the account (unless it concerns you) but you should increase your security on said account by using a stronger/longer password (preferably with a mix of upper/lower case letters, numbers, and symbols), enabling 2FA, and changing your passwords regularly. I recommend using a password manager such as LastPass, Dashlane, 1Password (those 3 need to be purchased), or if you’re on a budget try KeePass which I use it myself and it works just as well as the paid products.
If all else fails contact Epic Account Support to have them force all active logins out and then change your username and reset your password. You can get in touch with them by filling out this form. It says Fortnite, but it’s temporarily being used for UE4 support too. Select “PC/Mac” from the Fortnite Game Platform combo-box, select Fortnite: Battle Royal as the Game Mode, and then use the “Account Security Issue” option for Game Issue.
Make sure to include all relevant information, including any fraudulent order numbers if applicable. They will reply back by email asap, but please be aware the support staff are very busy currently so it may take a couple days for them to get back to you.
Thank you