Customers and 60,000 “taskers” — many of whom work as freelancers — were in for a rude awakening Monday, April 16 when TaskRabbit announced its site had been taken down following “a cybersecurity incident.” After alarm bells were sounded by several TaskRabbit users, a tweet by the company confirmed the situation.
TaskRabbit Cybersecurity Incident
As of this writing, the site remains inaccessible except for a landing page briefly explaining the situation. On the page, TaskRabbit says the matter is being investigated and in the meantime the app and the website are offline. A short FAQ on the page has some basic information as to what users and taskers should do in the meantime. One of the warnings from the company is to change your password right away. You can take a look at the full FAQ below.
In the tweet, TaskRabbit said it is working with law enforcement and an outside cybersecurity firm to find out what happened. Details of the incident haven’t been revealed, but with hundreds of thousands of customers and 60,000 taskers, the potential of a large scale personal and financial data breach does exist.
We’re investigating a cybersecurity incident, and our app and site are down while the team works on this. Thank you for your patience while we look into this matter. pic.twitter.com/d61J1c3eh1
— TaskRabbit (@TaskRabbit) April 16, 2018
Early indications suggest the attack might have been initiated with phishing emails. This comes from users who posted their interactions with the website on Twitter as it happened.
What About the Tasks?
TaskRabbit said it will work with taskers to reschedule their jobs. As for any tasks which were scheduled for Monday, April 16 and not able to be accomplished, the company says it will compensate them appropriately.
TaskRabbit found a niche in the gig economy by bringing customers and those looking to perform everyday tasks together. When Ikea bought the company in the fall of 2017, it made perfect sense considering the ready-to-assemble furniture the company sells.
Who are the Taskers?
According to the company, taskers are made up of a wide range of individuals with many different backgrounds. These include everyone from young professionals to stay-at-home parents, retirees, students and others. There are many taskers who have made this their full-time job.
TaskRabbit charges 30 percent of the total price customers pay for the tasks performed, and it also charges a 7.5 percent Trust & Safety fee which is added to the total of the task.
The service currently operates in 40 cities across the US and in London, UK.
Here’s a brief set of questions and answers on the TaskRabbit landing page explaining what happened and what users need to do :
We are currently investigating a cybersecurity incident. We are working with an outside cybersecurity firm and law enforcement to determine specifics. In the meantime, the app and website are offline while our team works on this.
What information has been compromised?
We are working with an outside cybersecurity firm and law enforcement to determine specifics of the incident, and we will provide more information when we can.
I am a client/Tasker, so what can I do to protect myself?
As an immediate precaution, if you used the same password on other sites or apps as you did for TaskRabbit, we recommend you change those now. Once the TaskRabbit site is back up, you will be able to change it there, as well. We will update affected individuals as more information becomes available.
I’m a Tasker, and I missed an appointment because I was unable to open the app. What should I do?
If you had a task scheduled and you were unable to complete it because of the app being down, we’ll work with you to get it rescheduled once the site is back up.
I’m a Tasker and I couldn’t get to my clients. Will I be compensated?
For any Tasker who had a task scheduled for Monday, April 16 and is unable to complete the task, we will compensate them appropriately. A member of the TaskRabbit Community team will be in touch as soon as they can.
I am a TaskRabbit client. What is TaskRabbit going to do to make up for the inconvenience I incurred because I was unable to have my task completed?
We regret any inconvenience this may cause our clients and Taskers, and we will work to reschedule any uncompleted tasks as soon as possible.
More in: Cybersecurity