First of all, please rest assured that this does NOT relate to a data breach at Voyant.
The iOS update 14 checks passwords that a user enters against a list of passwords which were obtained from a data leak. We are not sure where iOS gets the list data leaked passwords or even if the password is related to the user's email/username. What we can say is that this is NOT indicating that Voyant has leaked any passwords.
Voyant stores passwords as an MD5 hash which is just to say that it's not in plain text or in any form that could be decrypted.
Most likely scenario is that a user uses the same password everywhere (or the password is a common one that other people use elsewhere) and one or more of these other less secure sites has had a data breach.