[phlux]

Then it makes it COMPLETELY useless information. You know how many thousands of sites I used various email addresses on, clearly everyone else is the same.

It should tell you which sites were compromised such that you can ID if you used your email at any of said sites.

Just saying ambiguously that there was a site which may have been compromised out of the 2 billion sites online is laughable.

[dagrz]

I would argue that it's not completely useless as the average person re-uses the same password everywhere. Even if you do it across a small number of sites it could easily start a chain reaction.

In fact, I would say that prompting the average person to change some passwords either way, is a good thing.