Thanks for your response exile. A new key makes sense security-wise since I have already changed the account password. The initial purchase info went through a Microsoft email account and I didn't think to delete it, so that may have been where the leakage occurred. I double checked all the instances of Malwarebytes on my account and came up another unknown device listed, which I deleted. In this case no name was associated with the user... it was simply left blank.
We are concerned about leakage of bank info so your comment is reassuring. Will complete the form as you suggested. Ty.