[css]

For me, the HaveIBeenPwned domain search only lists one item in this breach: my LinkedIn@... email. Searching my inbox shows that the only emails sent to that address are from LinkedIn, so it probably came from a company I sent a job application (LinkedIn Easy Apply) to at some point.

[devinegan]

This. My e-mail in the breach is a LinkedIn specific email. It has to be part of the clue to attribution. Social media scraping, possibly from multiple sources seems to be more likely than another LinkedIn breach.