This article contributes to the growing debate about the increasing importance of 'data' in modern cybercrime offending. In so doing, it illustrates the linkages between cyberdependent and cyber-enabled crime bringing into focus the inability of current cybercrime legal categories to reflect such linkages which ultimately reflects how practitioners interpret them. Drawing upon data from court cases the article models the cybercrime cascade effect that results from data crimes. We argue that

more »

... rcrime is not a single action, but a process of interconnected social and technical actions in which data from 'upstream' cyber-dependent data crimes cascades 'downstream' to enable additional cyber-enabled crimes, such as scams, frauds and deceptions. By modelling the various tipping points at which stolen data cascades downstream we increase knowledge about the cybercrime ecosystem to highlight points at which interventions can be more effectively targeted. The 'cascade effect' is modelled by using mixed methods from law and criminology which include the "intermediate-N" configurational comparative method. By refining the tipping points of the cascade into decision trees, additional hypotheses, and the identification of the means to test them can be formulated. The article suggests that tipping points occur at each stage of the cascade model, however, the cascade into more crime is not found to be an automatic outcome as more social factors may be involved. Moreover, there exist layers of victimisation, which highlights the need to further research ways to incentivize early-offender interventions. Finally, the article illustrates the complexities of online offending, which include the presence of diverse, distributed and even disorganized actors within organised groups which do not easily fit into the traditional organized crime narrative.