In certain practical settings, the goal of this attack is to gradually reveal information about an encrypted message, or about the decryption key itself.
Adaptive-chosen-ciphertext attacks were perhaps considered to be a theoretical concern, but not to have been be manifested in practice, until 1998, when Daniel Bleichenbacher (then of Bell Laboratories) demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1.5 encoding function, including a version of the Secure Sockets Layer (SSL) protocol used by thousands of web servers at the time.
[2] In practical terms, this means that an SSL session key can be exposed in a reasonable amount of time, perhaps a day or less.
With slight variations, this vulnerability still exists in many modern servers, under the new name "Return Of Bleichenbacher's Oracle Threat" (ROBOT).
[3] In order to prevent adaptive-chosen-ciphertext attacks, it is necessary to use an encryption or encoding scheme that limits ciphertext malleability and a proof of security of the system.