In November 2018, the WordPress sandboxing service WP Sandbox discovered its platform was used to host a phishing site targeting Microsoft OneDrive accounts. The site collected email addresses and passwords from 858 users before being taken offline.