in your 'sent' box, did it include the email that was sent?
if not, it may have been removed, or they could have spoofed an email from your address.
This is actaully very easy to do, all you need is a webserver.
Here's an example:
for my app Neon Bunniez, I let the users upload levels they create, it uploads them to a server which then emails them to me.
Here's the email I get:
Which appears to come from
[email protected], which isn't true. So if they sent a spoofed email too TGC, appearing to come from your email address, when they reply to it, it'll go to you. No hacking required.
It is very much illegal to fake email addresses (for the purpose of impersonation, mine is not illegal). If TGC still has 'your' email to them, they can check the actual IP/server it came from by viewing the extended headers, they can then contact the authorities, who can contact the server it came from, who can detect the IP of the user who used their servers, which can be tracked by the police and he can be arrested and imprisoned (impersonation is a serious offense).
Then again, maybe they didn't do it this way.

The
NEW, awesomest app on Google Play