That includes some where the password data may have been stored encrypted, so if someone has managed to crack open a site where you had an account registered, it's likely they have your info and know what password you were using. If you've logged into a customer support portal or some random forum with your email address and used the same password you use for your main email account, Netflix, Facebook or other accounts, then it could be trivially easy for someone to have that and use it to log in as you.

Now emailing 768,253 individuals who subscribed for notifications and another 39,923 who are monitoring domains... — Troy Hunt (@troyhunt) January 16, 2019

Unfortunately, for reasons Hunt explains in his blog post, it's impossible to see what account or password may have been included via his site, which is why you should probably be using a password manager (if you have a truly unique password, you can see if it's ever been exposed in one of the breaches on this page). That would make it easy to maintain unique passwords wherever you have accounts, and easily change them if there's a breach.

So to recap -- sign up for Have I Been Pwned, it's free and can alert you to breaches quickly. Use unique passwords, which could be easier to do if you use a password manager like 1Password or LastPass, or even if you just write them down and store them securely, in addition to multifactor authentication where available. You can't stop your information from popping up in breaches like this, but taking those steps can lower the risk of impact before your personal Facebook page starts offering deep discounts on Ray-Bans or someone in Latvia is adding to your Spotify playlists.