By itself, the document is indeed useful and can be of help, as it provides an overview of 18 data breach scenarios and additionally compiles recommendations on TOMs for preventing / mitigating the impact of attacks or risk sources.
But stop! Guidelines on Examples? Guidelines, strictly speaking, like a gleaming beacon in the dark, must give readers a clear methodology on how to tackle practical issues. Guidelines cannot just outline examples of some cases; otherwise, those are not guidelines but a handbook of case studies (or whatever).
What it more, this might be a new trend in logic of how the EBPD Guidelines will be drafted. Recently, in Guidelines 07/2020 ‘On the concepts of controller and processor in GDPR', EDPB has demonstrated the same approach and (not only but mostly) provided for examples, instead of a clear methodology of how to spot the parties identifying means and purposes in complex scenarios.
Now in Guidelines 01/2021 - here we go again.