Thanks, I finally found it. I was already subscribed and verified, but still couldn't find this anywhere. To get to it I had to:
- Signup again from the HIBP website
- Get the verification email telling me I was already verified
- Click through it
- Scroll to the VERY bottom of the page and find the stealer logs.
My natural question is of course how my credentials were stolen logging into gmail.com (yay 2-factor), but at least know I know that's where I need to change my password.
I should note that the initial notice email about the breach that I received from HIBP for already being verified appears to not have any direct way to actually get this information.
That's true. My point was just that the important thing here is knowing personally which domains were affected so one can personally change those sets of credentials. If I don't know which of my credentials leaked then there's no value to me.
I was able to finally get access and did change the specific credential that had leaked (again, not assigning blame to any specific site here).