Member complaint follow up:
I placed a formal request with our systems engineering technical support team, to examine the feasibility of the poster’s claim.
Results as follows:
I've found nothing to indicate that there was any breach, it's most likely a compromise on his local machine that was harvesting credentials as he typed them via keylogger. This scam attempt is very common and utilizes bulk data dumps to target users on topics that the attacker believes a subject would not want disclosed. It's usually related to porn sites and/or pirate downloads.
There's a pretty big disconnect between the claim that it happened on multiple PCs and the concept of it being a breach of Milsurps. Recommended course of action for him would be to change all his passwords, and to get a quality AV package. If he's using Windows, keeping Windows Defender updated and running is a good start. Although most people don't LIKE doing this; enabling User Account Control in Windows goes a long way to stop harvesting of credentials by preventing applications from running with Administrator privileges without secondary confirmation/permission from the user. Most people find this a nuisance and turn it off, which isn't advised with the current climate of the Internet.