A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised.
With a dataset this large, no site that allows logins is unaffected by these leaked credentials
I like how the article has several links to things it mentions, but doesn't link to Have I Been Pwned at all even though that's the key site of the whole thing and where the reader should go to see if they're affected. Well done, article.