plaintextpasswordsnot fixeduntilpubliclydisclosed"someone'sout to getus""weweren'tbreached""it wasonly for afewminutes"more usersaffected thaninitiallythought"don'tworryyour datais safe"really easy,like reallyeasy toexploitnosecurityteam"only asmallportion ofour users"threatento callpolice onwhite hat"thereare noissues">100kaccountsbreacheddata privacycommissionernot notified intime"nobodyisperfect""we areinvestigating"backtrackingonstatements"ourapp/websiteexperiencedsomeissues""[the whitehat] isbreakingthe law"public s3 /elasticsearcheasilydisprovedlie"no evidence itwas exploited"(because therewere no logs)"highlysophisticatedattacker"(dude withchromeinspector)ignore itand hopeit goesawayplaintextpasswordsnot fixeduntilpubliclydisclosed"someone'sout to getus""weweren'tbreached""it wasonly for afewminutes"more usersaffected thaninitiallythought"don'tworryyour datais safe"really easy,like reallyeasy toexploitnosecurityteam"only asmallportion ofour users"threatento callpolice onwhite hat"thereare noissues">100kaccountsbreacheddata privacycommissionernot notified intime"nobodyisperfect""we areinvestigating"backtrackingonstatements"ourapp/websiteexperiencedsomeissues""[the whitehat] isbreakingthe law"public s3 /elasticsearcheasilydisprovedlie"no evidence itwas exploited"(because therewere no logs)"highlysophisticatedattacker"(dude withchromeinspector)ignore itand hopeit goesaway

Data Breach Bingo - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
  1. plaintext passwords
  2. not fixed until publicly disclosed
  3. "someone's out to get us"
  4. "we weren't breached"
  5. "it was only for a few minutes"
  6. more users affected than initially thought
  7. "don't worry your data is safe"
  8. really easy, like really easy to exploit
  9. no security team
  10. "only a small portion of our users"
  11. threaten to call police on white hat
  12. "there are no issues"
  13. >100k accounts breached
  14. data privacy commissioner not notified in time
  15. "nobody is perfect"
  16. "we are investigating"
  17. backtracking on statements
  18. "our app/website experienced some issues"
  19. "[the white hat] is breaking the law"
  20. public s3 / elasticsearch
  21. easily disproved lie
  22. "no evidence it was exploited" (because there were no logs)
  23. "highly sophisticated attacker" (dude with chrome inspector)
  24. ignore it and hope it goes away