haveibeenpwned.com

I don't know what haveibeenpwnded does.  Would they charge a fee for something?

I also don't know how "security" companies scan the contents of servers.  Administrators of the Dark Web are sneaky but not sneaky enough to secure the contents on their servers from being scanned?

I also don't know what makes an email address become compromised.  I'm sure your address is already on the Internet.  It's on haveibeenpwnded.  What difference does it make if it's also on some unregistered server?  I'm sure mine is.  In fact, I'll just assume every scammer, hacker and terrorist in the world has my full name and email address.  What can they do that legitimate companies don't already do?  Send me stuff?

Email addresses don't get compromised.  Login credentials get compromised.  I'm glad you were spooked into changing your passwords.  Spooked or not, you should routinely change your passwords.

The "Dark Web" has become a marketing term.  Marketers are selling fear.  I don't believe a "security" company has ever confirmed an address is not on the dark side.  It'll be cheaper to just assume it is.