Unlikely, because he managed to reset his password via mail (don't think phishing sites will do that).
In any case, there is just one password change in the seclog and OP has confirmed that it is him. So he has a new (and hopefully secure) password.
March 17, 2017, 09:35:53 PM - BALIK - password reset via email
I don't disagree that it would be like that, but OP may have potentially closed the tab and then manually typed in "bitcointalk" to go to the official site rather than any phishing site. It's within the realm of possibility, so amuse me.
I still think it's to do with the typing, though.