The HaveIBeenPwned website was mentioned on this forum before but I remember a post by one user who said that the site could also be a way for a malicious user to get a new list of emails that are still in use and have some sort of importance to their users.

For example, lets say that the site is hosted by someone with bad intentions. He could easily check which email addresses have been searched on his site. Those emails were probably entered because they are important enough for their owners to check if they got hacked or not.   

The owner of the HaveIBeenPwned site now has a new list of email accounts that he can use and investigate further.