one of the significant "advances" in the hackers arsenal is the availability of tools to automate the exploitation of stolen credentials which may have been reused across multiple sites.
so if you are shown as having lost your user credentials on sony or adobe etc...then these credentials are likely being tried on other websites.
of course, your original password will have been stored hashed (and hopefully salted) - but there are ways e.g. rainbow table to derive the original password.
a quick word of caution, many companies do not disclose breaches - so a green light on haveibeenpwned.com only means that you are not on a known/disclosed list.
personally i don't quite trust lastpass etc. because they are themselves targets...and often rely on a single master-password which if ever compromised would give an attacker access to ALL your passwords.
so if you are shown as having lost your user credentials on sony or adobe etc...then these credentials are likely being tried on other websites.
of course, your original password will have been stored hashed (and hopefully salted) - but there are ways e.g. rainbow table to derive the original password.
a quick word of caution, many companies do not disclose breaches - so a green light on haveibeenpwned.com only means that you are not on a known/disclosed list.
personally i don't quite trust lastpass etc. because they are themselves targets...and often rely on a single master-password which if ever compromised would give an attacker access to ALL your passwords.