We don’t really track if some ToS or Privacy Policies are violating the law, nor if services have been hacked recently.
I can’t help you about these points, but at least I can with the two others: I listed all services with an E grade and also all services with approved Blocker points on their ToS (or approved-not-found). Here they are (it’s quite long )
With an E:
Fur Affinity, Quora, WikiHow, CNN, Spotify, Pinterest, Twitch, Pure.Dating couchsurfing, Disqus, Instagram, VK, SourceForge, HuffPost, ASKfm, Blizzard Discord, McDonald’s, Khan Academy, Bandcamp, Patook, WhatsApp, Zillow, Enpass, Crowdmark, ICANN, Artspace, Healthline, Virtual World Computing Cocoon MyData Rewards, National Geographic, Houseparty, Urban Dictionary, W3Schools, Dropbox, Tripadvisor, Twitter, ShapeShift, Ubisoft, WeMod, Fandom, Fandango, Attendify, Facebook, Fivestars, likee, YouTube, SparkNotes, edX, Brainly, Reddit, Steam
With approved Blockers (not including the ones above):
Snapchat, Airbnb, Tumblr, Colloq.io, Indeed, IFTTT, Pornhub, Bitchute, Linkedln, Course Hero, PayPal, MySpace, Prezi, Google, Hacker News, Yelp, Nexon, Vimeo, Habbo, Kahoot!, Leagueoflegends, Discovery, Redbubble, Etsy, Kitsu, Playstation Network, Vox, BBC, Observable, Jagex, Keybase, Viagogo, Speedtest by Ookla, Avast, Ancestry, Yandex, Aliexpress, Quizlet, Amazon Prime Video, Doxy, Target, Taskade, Roblox, Hulu, Kongregate, Xfinity, Pixel8Earth, Brilliant, ControlC, Virtual World Computing Cocoon MyData Rewards, Waze, Doublelist, Kuketz-forum, Newgrounds, Apple, Todoist, Roll20, Photofeeler, Creative Commons, Cengage, Tapas, iCloud, IMDb, PixelCat Productions JB Auth, pCloud, Search Encrypt, Wattpad, Microsoft Services, TikTok, Setlisting, privacytoolsIO, SpigotMC, Rabbit, Medium
I may have done some mistakes, so I’d suggest you verify this information by yourself.
Also, keep in mind that all this work has been done by volunteers so there might inaccuracies.
I hope this will help!