Ok, I work in Network security, so this is my field.
First, it is possible that your email address was sold by USCCA. However, you have no proof of this and it is not even the most probable case here, so until you have proof, please refrain from accusing them of this.
The single most likely case is that your email address was stumbled across by a bot that randomly tries email addresses. The bot sends an email to a random email address. If it gets an undeliverable response, it moves on. If it doesn't, if knows it's found a live email address and you get put on a list.
Your email address could have been compromised, though this is a low posibility since you rarely use it. If this is the case, you would not only get, but be sending spam email.
USCCA's server could have been compromised without their authorization or even awareness. This would have meant that your email address is on a spam list simply because USCCA got hacked and it's hardly fair to blame them for this.
There are several other reasons you could be on a spam list. If someone held that email address before you, that email addy would still be on any latent spam servers, though this is extremely rare.