The 2021 ransomware attack on Ireland's Health Service Executive (HSE) is used to illustrate a "criminals → government → information theft" cell. Why is a healthcare incident a good example to anchor that cell?
Because the HSE attack was a criminal ransomware operation against a national health authority that both crippled services and exfiltrated data — exactly the "criminals targeting government, with information theft" combination, in the highest-stakes sector.
In May 2021 the Conti ransomware gang hit the HSE, Ireland's public health system. Beyond encrypting systems and forcing hospitals offline, the attackers exfiltrated patient and corporate data — so the harm was both disruption and information theft. WHY this case earns a matrix cell: it is a documented, criminally-motivated attack on a government body where the financial and human stakes were enormous, which is precisely why the exercise then drills into a healthcare ransomware scenario (steps 4–5). Anchoring the cell to the published HSE post-incident review keeps the threat concrete rather than hypothetical.
Go deeper:
Conti cyber attack on the HSE (independent post-incident review, PwC) — Der offizielle Untersuchungsbericht zum Conti-Ransomware-Angriff 2021 auf das irische Gesundheitssystem.