When a company that I worked at was doing some testing with testnet bitcoins, I thought it would be useful to maintain an office pool based on a brainwallet, so that anyone could just use the testnet coins for experiments, and then send them back to the brainwallet. The passphrase was a dictionary word with a couple of trivial substitutions -- something like "company" => "c0mp4ny!" -- to make it easy for developers to remember for ad hoc testing.
After I sent some testnet coins to the address but before I could even send out an email telling people about it, the coins had been stolen (it might have been in the same block that my original transaction appeared in, I don't remember). This was ~3 years ago, and on testnet -- the only thing I could imagine is that someone was testing out a brainwallet-stealing bot on testnet before deploying it to mainnet. I was very impressed.
After I sent some testnet coins to the address but before I could even send out an email telling people about it, the coins had been stolen (it might have been in the same block that my original transaction appeared in, I don't remember). This was ~3 years ago, and on testnet -- the only thing I could imagine is that someone was testing out a brainwallet-stealing bot on testnet before deploying it to mainnet. I was very impressed.