Well, it's actually not a scam!
After researching a bit about the website, I figured out it's a legit one that comes from Troy Hunt that is indeed a security specialist.
What the website does is this..:
Over the past few years there have been some major security breaches in some huge platforms from Adobe, yahoo, dropbox, etc. (these are publicly known).
The guy has accumulated a list of the email addresses and domain names that were included in the accounts that were compromised during those attacks (not sure how but I won't ask).
Sure he can't tell for sure if someone has actually used the compromised data, only presenting results from accounts that MAY have been compromised.
If for example an email was included in the lists of the compromised accounts from Adobe then it should pop up in the results.. it doesn't mean that someone had actually assumed control of the account but at some point in the past, it was possible during the breach.
Etc, a server has a list of accounts with their encrypted passwords. If a hacker figures out a way to pull that data from the server, the accounts in the list should be considered compromised but it doesn't mean that he also decrypted them or figured out a way to use them.. it only means that there is a possibility in doing so.. it's when such sites recommended us forcefully to update our passwords..
It's happened to me in the past in dropbox and trillian once.. They had asked me to change my password just to make sure my account is safe due to such a security breach.. and yes my email that I was using with them, pops up in this site's results as pwned so the data is accurate..