A security breach at The Adaptavist Group, a UK enterprise software consultancy, has triggered an investigation after an unauthorized party gained access using stolen credentials. The incident has also prompted a ransomware crew to claim responsibility, boasting of a substantial data haul. Imposter emails are already circulating, attempting to capitalize on the breach. The Adaptavist Group is working to determine the scope of the incident, while the ransomware crew's claims suggest a potentially more extensive compromise than initially acknowledged1. The breach underscores the risks of state-aligned threat activity, which can escalate the implications of a security incident from mere criminality to geopolitical significance. This matters to practitioners because the fallout from such breaches can extend far beyond the immediate target, affecting the broader cybersecurity landscape and necessitating a more nuanced threat assessment.