Most of the times, the email we enter in crypto related sites to get updates about crypto news etc are being sold by these companies. These emails may also reach to hackers who attempt targeted a phishing attempts to get users password by impersonating the famous site.
The only case of sold or giving access to data was Coinbase. But others were like Ledger were hacked database.
However, in case of binance, the hacker won't be able to hack the account because binance have the 2fa feature. So if anyone got your binance password, your account is still save unless the hacker get hold of your 2fa also.
It's still possible even if you have 2FA enabled. Hasn't it happen last year? Hacker hacked Binance and stole coins. However fortunately the insurance covered the loss.