Data is king — for attackers as well as defenders.
Malicious hackers have long collected and used data in a systematic manner. For example, they investigate all the public-facing servers of a particular target company, as well as document their IP addresses, services, software versions, and back-end relationships.
They collect as much publicly accessible information as possible, including harvested credentials, then test potential weak spots.