You got phished!
What this means is that you've been victim of a malicious activity that was aimed at stealing your credentials! (And it succeeded!)
The good news is that this was orchestrated by Theo, your sysadmin, and your credentials remain safe to the outside world. This is part of an effort to draw awareness to the fact there is bad guys out there who are after you!
First, the email you received pointing you to the login page did not come from a valid Microsoft domain.This should have raised concerns.
(It is easy enough for bad people to pretend they are sending you emails from an address that is not theirs).
The login page you were directed to looked close-enough to the Microsoft login page. But not exactly though. You could have seen that this was not the official login page by looking at the url in the address box).
Alway ask yourself, is this real or could this be something else?
Not much really. Just change your office 365 password, as this is no longer safe and be careful out there!