This story in Computer World details a data breach at The University of Texas' Austin campus. It's a big one, possibly affecting 197k people.
The breach was discovered last Friday. They've already announced it. While the forensic stuff is ongoing, they've stated and are acting as if their number one priority is getting the information to those affected.
As much as I hate the idea of patting someone who has not adequately kept such sensitive information well enough, I've got to hand it to them. They are handling this the way it should be handled. There are a lot of institutions and companies who could read this one simple article and learn just how to conduct themselves should something similar happen to them.