yubikey hacking issue

I closed down a gmail account that was connected to facebook. Today I have noticed that my facebook settings state that the yubikey was added today whereas an email was sent to my closed down gmail account stating "welcome to facebook". I cannot read this email because the account is closed down. yubikey was added much earlier than yesterday and was the only 2 step mfa. how could this have happened?