If you see an unknown email address when attempting to get a password reset (either cPanel or Email), then you might think: "Oh no!, I've been hacked!"
Don't panic. You have not been hacked. This is actually by design to prevent hackers from obtaining valid information. If you review our documentation here: How To Reset A cPanel Sub Account Password
You'll notice under the Important section:
If you do not specify a contact email address, the system displays a fake email
address when you attempt to reset your password. This helps protect users' credentials
on your account. This email address appears as a hint in the Contact Email Address
text box on the cPanel Login interface.
However, because you have not set up a valid email address for retrieving a password reset link, you will need to contact the host/provider.