>100kaccountsbreachedeasilydisprovedlie"it wasonly for afewminutes"not fixeduntilpubliclydisclosed"nobodyisperfect"more usersaffected thaninitiallythought"thereare noissues"backtrackingonstatementsdata privacycommissionernot notified intimenosecurityteam"[the whitehat] isbreakingthe law""only asmallportion ofour users"really easy,like reallyeasy toexploitplaintextpasswords"we areinvestigating""no evidence itwas exploited"(because therewere no logs)"ourapp/websiteexperiencedsomeissues"ignore itand hopeit goesaway"someone'sout to getus""don'tworryyour datais safe""highlysophisticatedattacker"(dude withchromeinspector)threatento callpolice onwhite hat"weweren'tbreached"public s3 /elasticsearch>100kaccountsbreachedeasilydisprovedlie"it wasonly for afewminutes"not fixeduntilpubliclydisclosed"nobodyisperfect"more usersaffected thaninitiallythought"thereare noissues"backtrackingonstatementsdata privacycommissionernot notified intimenosecurityteam"[the whitehat] isbreakingthe law""only asmallportion ofour users"really easy,like reallyeasy toexploitplaintextpasswords"we areinvestigating""no evidence itwas exploited"(because therewere no logs)"ourapp/websiteexperiencedsomeissues"ignore itand hopeit goesaway"someone'sout to getus""don'tworryyour datais safe""highlysophisticatedattacker"(dude withchromeinspector)threatento callpolice onwhite hat"weweren'tbreached"public s3 /elasticsearch

Data Breach Bingo - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
  1. >100k accounts breached
  2. easily disproved lie
  3. "it was only for a few minutes"
  4. not fixed until publicly disclosed
  5. "nobody is perfect"
  6. more users affected than initially thought
  7. "there are no issues"
  8. backtracking on statements
  9. data privacy commissioner not notified in time
  10. no security team
  11. "[the white hat] is breaking the law"
  12. "only a small portion of our users"
  13. really easy, like really easy to exploit
  14. plaintext passwords
  15. "we are investigating"
  16. "no evidence it was exploited" (because there were no logs)
  17. "our app/website experienced some issues"
  18. ignore it and hope it goes away
  19. "someone's out to get us"
  20. "don't worry your data is safe"
  21. "highly sophisticated attacker" (dude with chrome inspector)
  22. threaten to call police on white hat
  23. "we weren't breached"
  24. public s3 / elasticsearch