Am I the only person worried about how this represent a potential violation of privacy? You can not only enter your e-mail address to see how you are affected, you could also put in the e-mail addresses of other people, and boom, you can see what communities they have signed up for, assuming those sites have suffered a breach some time in the past. I might have given Last.fm my e-mail address during the signup process, for example, but I might not necessarily want the whole world to be able to determine that I have signed up for Last.fm.
Yes, I am aware that the breached data is already floating around on the internet, but it isn’t so convenient to consult it as on this website (or Have I Been Pwned?). These sites ought to require that a person prove they own that e-mail address before returning data concerning it.
In response to your first paragraph: "...yes?" You're literally describing the ramifications of a data breach. Whether the data is easy to get is entirely irrelevant: once it IS available, you'll have to operate under the assumption that any damage that can be done, will be done.
As for the second paragraph, it is trivial to grab a copy of all this data. The only ones that are hard to get are the ones you (or even anyone) haven't been told about yet.
And anyone could do the same. It would probably take me the afternoon to create a service that searches an email address in some text files. Overall having people be aware of data leaks is more important than attempting to hide already public data.
Yes, I am aware that the breached data is already floating around on the internet, but it isn’t so convenient to consult it as on this website (or Have I Been Pwned?). These sites ought to require that a person prove they own that e-mail address before returning data concerning it.