That is true. But then many people put a lot of trust in the major providers in many other areas too, such as hosting their private files and email, holding card payment information, and so on.
Another method is to delegate the registration and login flow to external providers, using OAuth.
If you have to log in to a website via one of Microsoft, Google, Facebook, Twitter, etc. then, if implemented properly, there's no way of knowing if an account associated with this external identity exists already.