data privacycommissionernot notified intime"it wasonly for afewminutes""highlysophisticatedattacker"(dude withchromeinspector)"thereare noissues"easilydisprovedlieplaintextpasswords"we areinvestigating""[the whitehat] isbreakingthe law"ignore itand hopeit goesawaynot fixeduntilpubliclydisclosedbacktrackingonstatements"someone'sout to getus""nobodyisperfect"public s3 /elasticsearchthreatento callpolice onwhite hat"weweren'tbreached""ourapp/websiteexperiencedsomeissues"nosecurityteam>100kaccountsbreachedmore usersaffected thaninitiallythought"no evidence itwas exploited"(because therewere no logs)"don'tworryyour datais safe""only asmallportion ofour users"really easy,like reallyeasy toexploitdata privacycommissionernot notified intime"it wasonly for afewminutes""highlysophisticatedattacker"(dude withchromeinspector)"thereare noissues"easilydisprovedlieplaintextpasswords"we areinvestigating""[the whitehat] isbreakingthe law"ignore itand hopeit goesawaynot fixeduntilpubliclydisclosedbacktrackingonstatements"someone'sout to getus""nobodyisperfect"public s3 /elasticsearchthreatento callpolice onwhite hat"weweren'tbreached""ourapp/websiteexperiencedsomeissues"nosecurityteam>100kaccountsbreachedmore usersaffected thaninitiallythought"no evidence itwas exploited"(because therewere no logs)"don'tworryyour datais safe""only asmallportion ofour users"really easy,like reallyeasy toexploit

Data Breach Bingo - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
  1. data privacy commissioner not notified in time
  2. "it was only for a few minutes"
  3. "highly sophisticated attacker" (dude with chrome inspector)
  4. "there are no issues"
  5. easily disproved lie
  6. plaintext passwords
  7. "we are investigating"
  8. "[the white hat] is breaking the law"
  9. ignore it and hope it goes away
  10. not fixed until publicly disclosed
  11. backtracking on statements
  12. "someone's out to get us"
  13. "nobody is perfect"
  14. public s3 / elasticsearch
  15. threaten to call police on white hat
  16. "we weren't breached"
  17. "our app/website experienced some issues"
  18. no security team
  19. >100k accounts breached
  20. more users affected than initially thought
  21. "no evidence it was exploited" (because there were no logs)
  22. "don't worry your data is safe"
  23. "only a small portion of our users"
  24. really easy, like really easy to exploit