Hello.
This is just theorethical, but what EXACTLY happens, when you have been pwned? My three really old and unused accounts have been leaked. I discovered it throught Avast HackCheck (or what it is) and HaveIBeenPWNED. They say they discovered our accounts on darkweb.
What can happen? Does anyone deal with it and sell it? Can it be dangerous? Can they steal your email account? Can someone stalk you?
At some point in time your email address and possibly other information could have been harvested or a site that you have to logon to access it has been hacked (and data stolen). If you are in the bad habit of using the same password for multiple sites then those sites could be accessed using your credentials. Depending on the site it could be as bad as it gets if it is your bank or a shopping channel, etc. That could cost you money. Sites should do more to protect user data (in the event of their getting hacked), by encrypting at least the password making it harder for you to get really pwned.
If you are using good practice and use strong passwords and a different one for every site (a password manager, etc.) then this would be less of an issue.
Yes this data can and probably been sold and probably more than once. You may well see an increase in spam, scams, phishing attempts, to try and capture more of your logon data, etc.
At the very least if you know what sites you used using these emails you should changed the passwords for a stronger one and or possibly changing the associated email and retiring these captured email addresses.