Did you use a simple password? It's vulnerable. If its semi-hard, and if you can't easily roll the key, try to crack it. Unless the attacker is targeting you specifically, they will give up after $x of cracking.
Switch to the newer format, roll your keys regularly, improve your logging, honeypot with the old keys, put AppArmor/SELinux controls on the .ssh directory.
Yep; this is an attack on the password-encrypted file.
You can't tell if it's leaked or not unless osmeone starts using it. You can tell if it's in the safe format right now by looking at the first few lines of the file.
How can I tell if my file is vulnerable once leaked?