Previous quantitative studies applying Routine Activity Theory (RAT) to cybercrime victimization produced mixed results. Through semi-structured interviews with cybersecurity experts, the current study aims to qualitatively reevaluate the applicability of RAT to cyber-dependent crime, specifically data theft from organizations. An in-depth assessment of environmental factors appearing to affect data thieves’ actions resulted in concrete operationalizations of theoretical concepts. Importantly, we highlight the distinction between target selection and strategic choices made during the attack. Furthermore, RAT appeared to be as relevant, if not more, for explaining offender actions during an attack as for the initial convergence of offenders and digital targets.