There is even an RSS feed. It doesn't cover every breach but certainly significant verified ones - details in the site FAQ. There is even such a thing as faked breaches!
The best site I've used is haveibeenpwned.com, seems to be the go-to for most security breaches and has a tool that can notify you when some of your information has been compromised tied to an email address.
I don't like that because if you put in an email address it doesn't reveal whether you've already addressed the issue or not. It just shows if it was included in a breach, great for newbs to go "ooOOOooooOOoo" but useless for anything else.
I also alias email addresses for every service that allows a + sign in the email field, so now I have no way to notice quickly if the email was included in a leak. But I do have a way to know which service got breached or sold info if I start getting additional emails to any particular alias.
