The company I work for (stytch.com, we provide an authentication API) tracks breached passwords and, depending upon config, will invalidate passwords that have been leaked. Will be interesting to watch our logs over the coming weeks.
This reminds me of [0] where they maintain composite lists of frequently used passwords. Also in the repo is probably my favorite pull request ever [1].