Got this warning on Safari today.

Might want to change your passwords?

Hi Adrian, it’s a known pop-up scam. Don’t click the link. Changing the IIS password can never hurt, of course.

It may not be a pop-up scam. A few browsers (Mozilla Firefox for one) have the ability to search for common passwords that have appeared in data breaches.

Trust me, if you're using a word-based password (eg: eucalyptus23) then it will have been leaked in a breach somewhere. You're better off using a pass-phrase of 3 or 4 words (eg: YourCatSmellsBad) or a password manager such as 1password, LastPass or BitWarden to generate and store massive and complicated passwords for you.

You can always drop your email address into Troy Hunt's excellent "Have I Been Pwned" search engine and see if your email address has been involved in a breach.

Cheers,
V.

As AstroViking mentioned:

https://haveibeenpwned.com/

You can search a huge database they maintain to find if your email or passwords have been released in data breaches. They will also tell you what company released you info.

Chris