"A company stored service account passwords in the description field of Active Directory. Attackers exploited this vulnerability to gain domain access, delete backups, and deploy ransomware. The incident resulted in over 2,000 users being taken offline for months."