TaskRabbit app and website are down while a 'cybersecurity incident' is investigated
IKEA-owned TaskRabbit is offline while the company investigates a "cybersecurity incident". Very little information has been given about the incident, but the company says that it is working with "an outside cybersecurity firm and law enforcement to determine specifics" of what happened.
While even vague details are unavailable, the fact that the TaskRabbit website and app have been taken offline could well be indicative of the severity. The company is advising its customers to change their passwords elsewhere if they have reused their TaskRabbit credentials for other sites and services.
TaskRabbit is a service that makes it possible for people to get in touch with private "taskers" to help with everything from decorating and moving house to assembling furniture -- hence IKEA's interest. Taskers have been unable to use the app while it is offline to log their work, and TaskRabbit says: "If you had a task scheduled and you were unable to complete it because of the app being down, we’ll work with you to get it rescheduled once the site is back up."
The company also says that compensation will be provided to anyone unable to complete a task due to the downtime.
In a message to customers posted on its website, TaskRabbit says:
Dear TaskRabbit Community,
TaskRabbit is currently investigating a cybersecurity incident. We understand how important your personal information is and are working with an outside cybersecurity firm and law enforcement to determine the specifics. The app and the website are offline while our team works on this.
We will be back in contact with you with more information once we have it. As an immediate precaution, if you used the same password on other sites or apps as you did for TaskRabbit, we recommend you change those now.
Thank you for your patience while we investigate the issue and for being such an important part of our community.
Although TaskRabbit is not sharing any details about what appears to be a cyberattack, on Twitter users were yesterday sharing stories that seemed to indicate that the company had been hacked:
hello @TaskRabbit I don't believe this is your website but this is what I get when I try to visit your website HELP pic.twitter.com/qSrEGEdA1q
— some guy (@catalanawinemxr) April 16, 2018
Task Rabbit phishing attack. Emails sent out pointing to website which, for a time, revealed @TaskRabbit's private Github, daily transaction volumes, key employee information. @TaskRabbit you need to look into this right now. I believe my account has been compromised. pic.twitter.com/RcT6WXhW6l
— Sam Rad ? (@SamRadocchia) April 16, 2018