It’s not going out unless someone requests it though. Data from a database on an unsecured server doesn’t just find its way onto the Internet or hackers computers - they need to take it.

This is why I said it’s misleading. There’s no evidence of anything being taken. It was there for the taking, but if it wasn’t taken then no one’s details were compromised.