Use the “passwords” feature to check if one of yours is compromised. If it shows up, never ever reuse those credentials. They’ll be baked into thousands of botnets etc. and be forevermore part of automated break-in attempts until one randomly succeeds.
That’s just your email address being sold by information brokers. Not illegal, not a reason to change your email address. Block, delete & move on.