Another question I have is what email address/username was used in this situation, is it one that is shared among other websites of the same nature or was it a unique email address that was never actually used for email purposes?

If your email address even shows up on a Google search that means it is vulnerable. You should have a unique, unknown, unused (besides verification and sign up) email address/username that is not listed on any search engine to maximize security. If you don't have a unique username then you should have a super common one that shows up everywhere.