This article on ars technica shows how a security vendor fell foul of this trap and had some prolonged abuse of customer data.
Instead how can you show plausible stories?
- Create Data to tell these stories - use scripts, random name generators and so forth to make up plausible data.
- Alter any existing data - remove any identification of users, customer data, sensitive data of any kind.
- Any reference to existing customer problems should not identify customers without permission, or provide sensitive data that could identify their situations