More than 3 billion user credentials were just posted online as part of a data breach compilation that’s mind-boggling in its scale. This collection of user data is being called the COMB, or the “Compilation of Many Breaches.” This is not the result of a new breach - rather, it pulls together stolen user data from previous breaches of services like LinkedIn and Netflix.
Doing this will also allow yourself to find out how your users are misusing company email. I found users who were using their company email to register for things that the company did not want to be associated with. Some were innocuous but still not approved use of the company email system, i.e. dating websites, hobby websites, shopping websites, loyalty rewards websites, etc..
Whenever I got a hit on the domain email, I would go interview the user to see if they used the same passwords across multiple sites AND for the company login. I would also take them to the haveIbeenpwned website and have them check their personal emails for breeches as well. That way they would be aware which of their passwords were known and to not use them ever again.