Change your password on the affected websites at the very least.

If you recycle the same email/password combination (which I most definitely hope you are not), time to change all those passwords (to unique passwords) as well.

Depends on what you use those creds on. If it’s the same password as your bank, go freeze your credit in addition to updating your PW.

Well this is interesting. Some background:

https://www.troyhunt.com/experimenting-with-stealer-logs-in-have-i-been-pwned/

You wouldn’t happen to have some malware on your computer or logged into an account from a compromised computer?