Phishing, scams and social engineering mostly. Such breaches are a gold mine for that.

Scam calls are a lot more credible when rather than starting with "Hello, this is Microsoft calling. There is a problem with your computer." you get a call like:

"Hello Mr. zkmon, this is Mallory from MasterCard. I'm calling to verify a recent, suspicious transaction from your card to Vietnam Airlines on August 6th. We just want to make sure that was you and your card is not being misused. Before we do that can we please quickly verify your identity? I see here in our system that you're born in 1996. Can you please tell me your exact birth date so I can be sure I'm really talking to Mr. zkmon?"

Bonus points when the breach contains what bank you are at so they can pretend to be them.

Also such databreaches are useful for stalking people or tracking people down with very little information and then doxing them etc. Say all you have is an online username of someone you don't like, so you just search a database of leaks for that string. From there you get an email address and full name. And from there you can continue searching other breaches with those details and using other public sources.