They're probably working from many databases at the same time, so some people will have differing views on the ultimate source of the leaked data, and correctly so if this is the case. I can say for certain though, that after going through every single signup User Password that I keep records of (since about 2004), the only time I've used that password is on last.fm , so I'm convinced that's where my own data was leaked. I doubt they used any address data to correlate between sources, as I almost without fail use false address and personal data.
Big Reg got a reaction from DaMonkey in First of the ncix leaked info scam letters going out?