I too just got this notification from LifeLock:
DARK WEB MONITORING ACTIVITY NOTIFICATION
We detected identity information which may belong to you on the Dark Web, a term used which may also include the deep web or a peer-to-peer file sharing network.
The information found is usually from a "list" that's being given away, traded or sold. The list could be old, so it's important to see whether or not the information is out of date.
If you recognize information below as belonging to you [and it did] change the password immediately with the affected website or service immediately.
We also recommend setting up 2-factor authentication if available with that website/service.
If you see a social security number belonging to you, review credit reports for suspicious activity, watch financial transactions, and make sure LifeLock alert preferences settings are up to date for the account that belongs to you.
The site MacForums has been reported to possibly have suffered a data exposure that could include usernames, emails, passwords and more information.
The possible exposure would have happened in November 2017, although it was reported in November 2018.
So my question is, why are we just hearing about this now?