The dashboard shows information for all the leaked accounts in the past. So, this is the expected behaviour. A leaked credential has two time attributes, the time when the credential was leaked and the time when the leak information became available to us. So, it is possible that a credentials of a user were leaked 2 months ago. This information became available to us today. The user might be still using those credentials. Time based filtering would have missed to show such data on the dashboard. So, the dashboard does not use time based filtering.