passwords – Was the email hacked? How did this happen and given the claims, how should it proceed?

My friend's email looks like it was hacked. The hacker sent him his password in the email to prove that he had hacked it and my friend said that it is his password. However, did he say that he sent the email from my friend's account (but then says Wayne Carney) as the sender? I'm rambling (but I still want to know: P).

What I want to know is how this could have happened.
What procedures should my friend take now? And some advice for the future?

I would like to add that we do not intend to make any of the Bitcoin transfers or contact this type (or gal) in any way.

enter the description of the image here
enter the description of the image here