In November 2018, the WordPress sandboxing service that allows people to create temporary websites WP Sandbox discovered their service was being used to host a phishing site attempting to collect Microsoft OneDrive accounts. After identifying the malicious site, WP Sandbox took it offline, contacted the 858 people who provided information to it then self-submitted their addresses to HIBP. The phishing page requested both email addresses and passwords.
Accounts breached: 858
Breached on: November 04, 2018
Exposed data: Email addresses and Passwords
Domain: wpsandbox.io
Added on: November 06, 2018