I've never experienced anything like that and haven't registered on coinlist at all and some email checks don't show any incoming messages about this, but I've seen the same thing as you before, received an email from the coinlist and told me to verify it even though the person concerned has never registered and is asking the group on Facebook, but there are those who suggest not verifying if you have never done anything that is feared there will be phishing that continues to spread through many media.
If there is a data leak, I still don't get clear info about this.
Thanks for sharing this. I wasn't aware if there are any other people who had this experience as well. The connection still seems bleak but there could be a connection with regards to where they got the information.
Email spoofing makes it possible for scammers to use the exact display name and email address so this may not be coinlist at all. Copy the link and paste it to URL redirect checkers (e.g.
https://wheregoes.com/) to see if it redirect to something else.
I never knew there's a tool like that. Thanks for sharing this. I did check it and it is Coin list, so I think it's safe to cross that out that it's not a spoofing method.
Otherwise, they could be checking if you have an account there to see whether it's a brute force candidate or not. Make sure tied important accounts have strong passwords and if possible enable 2fa too. They could be doing the same thing with other websites, who knows one day they might hit a website which you have an actual account.
This is my theory too. I do have strong passwords and don't have the same passwords on different sites. I think this has reassured me that I'm still safe.