"it wasonly for afewminutes">100kaccountsbreacheddata privacycommissionernot notified intime"highlysophisticatedattacker"(dude withchromeinspector)"[the whitehat] isbreakingthe law"threatento callpolice onwhite hat"don'tworryyour datais safe""nobodyisperfect"public s3 /elasticsearch"only asmallportion ofour users""ourapp/websiteexperiencedsomeissues"really easy,like reallyeasy toexploitplaintextpasswords"no evidence itwas exploited"(because therewere no logs)"we areinvestigating"backtrackingonstatements"thereare noissues"easilydisprovedlie"someone'sout to getus"nosecurityteam"weweren'tbreached"more usersaffected thaninitiallythoughtnot fixeduntilpubliclydisclosedignore itand hopeit goesaway"it wasonly for afewminutes">100kaccountsbreacheddata privacycommissionernot notified intime"highlysophisticatedattacker"(dude withchromeinspector)"[the whitehat] isbreakingthe law"threatento callpolice onwhite hat"don'tworryyour datais safe""nobodyisperfect"public s3 /elasticsearch"only asmallportion ofour users""ourapp/websiteexperiencedsomeissues"really easy,like reallyeasy toexploitplaintextpasswords"no evidence itwas exploited"(because therewere no logs)"we areinvestigating"backtrackingonstatements"thereare noissues"easilydisprovedlie"someone'sout to getus"nosecurityteam"weweren'tbreached"more usersaffected thaninitiallythoughtnot fixeduntilpubliclydisclosedignore itand hopeit goesaway

Data Breach Bingo - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
  1. "it was only for a few minutes"
  2. >100k accounts breached
  3. data privacy commissioner not notified in time
  4. "highly sophisticated attacker" (dude with chrome inspector)
  5. "[the white hat] is breaking the law"
  6. threaten to call police on white hat
  7. "don't worry your data is safe"
  8. "nobody is perfect"
  9. public s3 / elasticsearch
  10. "only a small portion of our users"
  11. "our app/website experienced some issues"
  12. really easy, like really easy to exploit
  13. plaintext passwords
  14. "no evidence it was exploited" (because there were no logs)
  15. "we are investigating"
  16. backtracking on statements
  17. "there are no issues"
  18. easily disproved lie
  19. "someone's out to get us"
  20. no security team
  21. "we weren't breached"
  22. more users affected than initially thought
  23. not fixed until publicly disclosed
  24. ignore it and hope it goes away