WPSandbox

What Happened

In November 2018, the WordPress sandboxing service that allows people to create temporary websites WP Sandbox discovered their service was being used to host a phishing site attempting to collect Microsoft OneDrive accounts. After identifying the malicious site, WP Sandbox took it offline, contacted the 858 people who provided information to it then self-submitted their addresses to HIBP. The phishing page requested both email addresses and passwords.

Compromised Data

Email addresses
Passwords

Recommended Actions

Change Your Password

If you haven't changed your password on this service since the breach, do so immediately.

Enable Two-Factor Authentication

If 2FA is supported, add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    858

  • Breach Occurred:

    November 2018

  • Added to HIBP:

    6 Nov 2018

Recommended Actions

Change Your Password

If you haven't changed your WPSandbox password since 2018, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password