
WPSandbox
What Happened
In November 2018, the WordPress sandboxing service that allows people to create temporary websites WP Sandbox discovered their service was being used to host a phishing site attempting to collect Microsoft OneDrive accounts. After identifying the malicious site, WP Sandbox took it offline, contacted the 858 people who provided information to it then self-submitted their addresses to HIBP. The phishing page requested both email addresses and passwords.
Compromised Data
Recommended Actions
Change Your Password
If you haven't changed your password on this service since the breach, do so immediately.
Enable Two-Factor Authentication
If 2FA is supported, add an extra layer of security to your account.
Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.
Try 1PasswordBreach Overview
-
Affected Accounts:
858
-
Breach Occurred:
November 2018
-
Added to HIBP:
6 Nov 2018
Recommended Actions
Change Your Password
If you haven't changed your WPSandbox password since 2018, do so immediately.
Enable Two-Factor Authentication
Add an extra layer of security to your account.