emagers / breach-tracker

Tracks commercial data breaches reported to governments
GNU General Public License v3.0

breach-tracker

Tracks data breaches reported to governments

The problem

The U.S. Federal Government has no laws or regulations requiring companies to report data breaches to it or to the public. Each state has its own laws and regulations, which generally require companies to report the breach to the state and to the individuals living in the state who were impacted. Because the whole picture is rarely reported across state boundaries, it is hard to judge the scope of impact of a given company's breach.

The goal

breach-tracker is an attempt to aggregate the breach notification data across each state so that anyone can see how impactful a data breach really was. For instance, a data breach impacting only 800 people in Washington doesn't seem egregious, but if there were tens of thousands of people impacted across every other state, then there would be more concern.

The consumption model for this data has not been decided yet (APIs vs webpage, etc).