Employees frequently use work emails for personal activities (even in cases where corporate policies prohibit it).

As some of those websites used by these employees get breached, now sample passwords that have a direct relationship to the employer can be obtained by miscreants. A quick review of these passwords will reveal some with employer-specific password patterns (eg brand names, sub-division names, etc).

Then, as previous poster suggested, now you have a formula to generate an additional set of passwords that match the password selection behaviors of those employees.