Send me the data, not just the site name
When you find my email in a breached site and on a list somewhere where you say that my email and password were found, send me the details (i.e. the password or hashed password) so I can decide whether I need to change my password. I use a different password at every site. So knowing more than just my email was found a list would be useful.
Here are all the reasons I don’t make passwords available via Have I been pwned: https://www.troyhunt.com/here-are-all-the-reasons-i-dont-make-passwords-available-via-have-i-been-pwned/
Thanks Troy for your response. I understand why you shouldn't send passwords or hashed passwords. And I agree.
Unfortunately, I have logins at well over one hundred sites, most using the same email, but a separate and unique password for each site. So just knowing that my email is on a public list doesn't help me decide which site passwords to go and change. Yes when a site like LinkedIn or Adobe is compromised, I can go and change my password at those sites.. But when I just find out that my email is out there, it doesn't really help.