This developer wanted to cheat at Roblox. It cost millions
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 29 April 2026
⏱️ 65 minutes
🧾️ Download transcript
Summary
A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency.
Meanwhile, there's a 1980s phone protocol called SS7 that lets shadowy surveillance companies track anyone, anywhere, via their mobile phone. Governments know about it. Telecoms know about it. Nobody's fixing it.
All this and more in episode 465 of the "Smashing Security" podcast with cybersecurity keynote speaker and industry veteran Graham Cluley, joined this week by special guest James Ball.
Plus! Don't miss our featured interview with Rob Edmondson of CoreView, discussing how to lock down Microsoft 365 before it's too late.
EPISODE LINKS:
- Burglar alarm biz gets burgled, ShinyHunters pursues ransom - The Register.
- Ransomware negotiator pleads guilty after leaking victims' insurance details to 'BlackCat' hackers - Tom’s Hardware.
- Grok tells researchers pretending to be delusional ‘drive an iron nail through the mirror while reciting Psalm 91 backwards’ - The Guardian.
- Vercel April 2026 security incident - Vercel.
- App host Vercel says it was hacked and customer data stolen - TechCrunch.
- Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials - Hacker News.
- Sorry for the Nazi spam from my Twitter account - Graham Cluley.
- Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors - Citizen Lab.
- Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say - TechCrunch.
- The rapid rise of phone surveillance firms - The Bureau of Investigative Journalism.
- Please shut up about your Spotify Wrapped - The New World.
- Think For Yourself - Beatles Song Identification Game.
- Nodes: Free Connection Puzzle & Vertex Game Alternative.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- Elastic – AI is transforming security operations, but security is still a data problem. Learn how context-rich data drives faster, more reliable defence.
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
Click on a timestamp to play from that location
| 0:00.0 | What's the security analogy? |
| 0:04.8 | There's a Swiss cheese. |
| 0:05.9 | The idea being that Swiss cheese has holes in it, |
| 0:08.7 | but you get more and more layers of it |
| 0:10.7 | in the hope that the holes won't line up. |
| 0:13.1 | This is like four layers of Swiss cheese lining up |
| 0:16.0 | and just something dropping straight through, isn't it? |
| 0:28.0 | Yeah. something dropping straight through, isn't it? Smashing Security, Episode 465. |
| 0:32.4 | This developer wanted to cheat at Roblox. |
| 0:35.0 | It cost millions. |
| 0:36.6 | With Graham Cluley and special guest James Ball. |
| 0:40.0 | Hello, hello and welcome to Smash Insecurity episode 465. My name's Graham Cluelly. And I'm James Ball. |
| 0:46.0 | James, welcome back on the show. Lovely to have you on yet again. What have you been up to? |
| 0:51.6 | I've been running around all over the place. I spend about half |
| 0:55.0 | my week being a political journalist and the other half working on tech and the political |
| 0:59.4 | half is really creeping up it. It's not staying contained at the moment and so I'd like to put |
| 1:05.2 | it on the record. I am the greatest victim of the world's political situation right now. |
| 1:10.4 | It's a crazy world political. |
| 1:11.9 | You know, I had some feedback from a listener just in the last couple of days actually saying, |
| 1:16.1 | you love the podcast. I mean, listening to the podcast forever. But oh my God, Graham, can you stop |
| 1:19.6 | talking about politics? And my reaction was, look, thank you very much for listening and all the rest |
| 1:23.3 | of it. But it feels to me that technology and politics are more intertwined than ever before. You |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Graham Cluley, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Graham Cluley and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.