>As someone who deals in breach data this is a simple regex to strip out.

Sure it is, but at least you do get later, post leak, a slight chance find out where leak originated.

Data stealers seldom strip out that +extension part before the selling or otherwise dump it somewhere. And while it's passed on, you get to see address as you gave to that party that had leak. Reason seller don't strip of it is perhaps because they sell by number of unique addresses and while +extension usage is quite rare they make more money when they don't strip it off too.

Information where it leaked can be very useful information to pass leaker at least up till point they have announced they know about the compromise happened. I've done that since turn of century too many times I've lost count already and been quite many times the first to get them know that they had a problem there.

And sure I've received thank you emails that I gave them early head-up info about the issue.