"only asmallportion ofour users"not fixeduntilpubliclydiscloseddata privacycommissionernot notified intimemore usersaffected thaninitiallythought"thereare noissues""nobodyisperfect""someone'sout to getus">100kaccountsbreached"we areinvestigating"public s3 /elasticsearchbacktrackingonstatementsignore itand hopeit goesaway"it wasonly for afewminutes"easilydisprovedlie"no evidence itwas exploited"(because therewere no logs)"ourapp/websiteexperiencedsomeissues"really easy,like reallyeasy toexploitnosecurityteamthreatento callpolice onwhite hat"[the whitehat] isbreakingthe law""don'tworryyour datais safe""weweren'tbreached""highlysophisticatedattacker"(dude withchromeinspector)plaintextpasswords"only asmallportion ofour users"not fixeduntilpubliclydiscloseddata privacycommissionernot notified intimemore usersaffected thaninitiallythought"thereare noissues""nobodyisperfect""someone'sout to getus">100kaccountsbreached"we areinvestigating"public s3 /elasticsearchbacktrackingonstatementsignore itand hopeit goesaway"it wasonly for afewminutes"easilydisprovedlie"no evidence itwas exploited"(because therewere no logs)"ourapp/websiteexperiencedsomeissues"really easy,like reallyeasy toexploitnosecurityteamthreatento callpolice onwhite hat"[the whitehat] isbreakingthe law""don'tworryyour datais safe""weweren'tbreached""highlysophisticatedattacker"(dude withchromeinspector)plaintextpasswords

Data Breach Bingo - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
  1. "only a small portion of our users"
  2. not fixed until publicly disclosed
  3. data privacy commissioner not notified in time
  4. more users affected than initially thought
  5. "there are no issues"
  6. "nobody is perfect"
  7. "someone's out to get us"
  8. >100k accounts breached
  9. "we are investigating"
  10. public s3 / elasticsearch
  11. backtracking on statements
  12. ignore it and hope it goes away
  13. "it was only for a few minutes"
  14. easily disproved lie
  15. "no evidence it was exploited" (because there were no logs)
  16. "our app/website experienced some issues"
  17. really easy, like really easy to exploit
  18. no security team
  19. threaten to call police on white hat
  20. "[the white hat] is breaking the law"
  21. "don't worry your data is safe"
  22. "we weren't breached"
  23. "highly sophisticated attacker" (dude with chrome inspector)
  24. plaintext passwords