All that would tell you is the earliest date your database was compromised and then sold to spammers. If an attacker can harvest your database once, they can do it repeatedly --- which is why warning all your users to change their passwords in this situation is a bad idea.