Is it a "pawn" though? Your email address in their database does not necessarily mean your security has been compromised - just that your on a spam list somewhere?

They have added the "GeekedIn" leak from mid last year in the database even though technically none of the information was private (IIRC it was all scraped from GitHub's public API).

Sometimes getting on these lists is fairly harmless by itself, but they can end up leaking a large amount of data about some people.

Just knowing that an email address is used and active is a start, but combine that with other information that could be grabbed like rough location data, IP address information, knowledge that the email was associated with that service, active usage dates, and more can end up being much worse.

Yes, it appears to be -- the article implies that backups of data from the spam operation were exposed to the public.

Even if not, it would be nice to know if my email address(es) were included.