If you’ve ever used TaskRabbit, start changing your passwords.
That’s the advice the odd-jobbing company gave out Monday afternoon as it took its own website and app offline to investigate a security incident. As of Tuesday morning, the site was still down.
TaskRabbit allows users to offer or employ services like dog walking, home maintenance, and errand-running. It operates in 40 U.S. Cities and in London. Ikea bought the company in September for an undisclosed sum.
Here’s what we know.
What happened?
The incident first appeared to be a technical glitch that redirected users to a WordPress site when they tried to visit TaskRabbit.
Hello @TaskRabbit I don't believe this is your website but this is what I get when I try to visit your website HELP pic.twitter.com/qSrEGEdA1q
— some guy (@jjjustsomeguy) April 16, 2018
Another Twitter user indicated she landed on the site after receiving a link in what she believes was a phishing email. Beyond that, the company hasn’t provided much information about how the attacker got in, who perpetrated the attack, or what information may have been stolen, though it has promised to provide more information when it can.
How is TaskRabbit addressing this issue?
The company is working with cybersecurity experts and law enforcement to determine the specifics of the incident. They’ve promised to keep account holders up to date throughout the process.
We're investigating a cybersecurity incident, and our app and site are down while the team works on this. Thank you for your patience while we look into this matter. Pic.twitter.com/d61J1c3eh1
— Taskrabbit (@Taskrabbit) April 16, 2018
What can users do to protect themselves?
The company is advising users to change their password on any account for which they use the same password they use on TaskRabbit, which is a good practice anyway. Beyond that, there isn’t much to do except wait. TaskRabbit has said they’ll get in touch with individual users as they learn more about whose account was hacked and what information might have been compromised.
What about all the un-tasked tasks?
Once the site is up and running, TaskRabbit will work with clients and “Taskers” to reschedule any work that was affected by the outage, including compensation for some Taskers.