haveibeenpwned.com says they have over 10 billion compromised accounts. Given that they have access to all these data breaches, then malicious third parties also have access to all these data breaches. No attacker is going to be able to try 10 billion different accounts multiple times each across different websites and services to see which ones are still active and being used. So they start a fake "check if your account has been breached" website where people enter their email addresses. Each email address which is entered has a high chance of still being used, and so those are the ones they focus on. By using a site like this, you could inadvertently be making yourself a target.

Having said that, haveibeenpwned.com has a pretty solid reputation as explained by cryptomaniac above. I wouldn't worry about using it, but I certainly wouldn't use any other website along the same lines.