Understand the breach
Carefully read the details about the breach, and consider what personal information has been compromised. Consider when the breach happened, it may be months or years since it occurred and the company who have had the breach have only just found out about it. Quite possibly details of the breach are only being made public by the company since they've introduced security measures to ensure it doesn't happen again.
Update passwords
The first change to make is to log into the compromised account and change your password. If you cannot access the account, contact the website to find out options about recovering the account or closing it completely. Perhaps even you don't recognize the company and don't recall having set up an account with them - in that case, it could be possible that someone has created the account in your name. Contact the website owner to close the account down.
Update shared passwords
If the password on the breached account is shared, i.e. used on other websites, it is important to change those also. Hackers will attempt to use a combination of known email addresses and passwords on a multitude of websites.
Financial data breaches
Most of the breaches expose passwords and email addresses, but in some cases, sensitive financial information may be exposed if the website did not store the information securely. If bank account details or credit card numbers are on an account that has been part of a data breach, it would be best to alert your bank. In many potential fraud cases, banks advise replacing your physical card to prevent any stolen card details being able to take place.
Check credit reports
In the US, credit reports detail any applications for new bank accounts, credit cards, finance agreements or loans opened in your name. Checking your report does not affect your credit score, and can be permitted free of charge once a year.