HIBP provides a free service to the public to check if emails or passwords have been compromised. Reusing passwords is common practice with many users but it is extremely risky. Threat actors will use lists of stolen credentials to attempt to breach other accounts in a practice called credential stuffing. Users can protect themselves from Credential Stuffing attacks using Multi-Factor Authentication (MFA) and unique passwords on every site. Even if passwords are reused on other sites, MFA can help prevent account takeover on those sites that allow it, but a password manager that creates strong and random passwords paired with MFA where possible can be an easy to use and highly effective combination for protecting access. While these preventative measures stop won’t breaches, they will make it much harder for an individual to fall victim to a credential stuffing attack.

Sources: https://www.bleepingcomputer.com/news/security/fbi-to-share-compromised-passwords-with-have-i-been-pwned/

https://www.troyhunt.com/pwned-passwords-open-source-in-the-dot-net-foundation-and-working-with-the-fbi/