NewReleases is now checking every new password agains already compromised passwords completely internally. NIST SP 800-63B guidelines https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf state that user-provided passwords be checked against existing data breaches.
We are using an excellent list of 573M passwords provided by https://haveibeenpwned.com/Passwords. But completely internally. No password or password hash leaves our servers.