In an email sent to its users, a freelance labor-service app owned by Swedish furniture giant Ikea has reported a “security breach.”
TaskRabbit initially reported the problem on Twitter as a “technical issue.” But users later tweeted about suspicious “phishing” emails supposedly sent from the company. “Phishing” is a means of stealing sensitive information online through spurious emails.
@TaskRabbit I believe my account was just hacked by a Tasker on your platform. A phishing email redirected me to a github site before the screen changed to “pwned.” Please look into this immediately.
— Sam Rad 👾 (@SamRadocchia) April 16, 2018
Acquired by Ikea in 2017, TaskRabbit is an online and mobile marketplace that puts freelance handymen, known as “taskers,” in touch with people who require household services. The service operates in 41 cities across the UK and United States, and has 1.25 million users (CNet) and more than 50,000 “taskers” who generate business using the site.
In a message to its users, TaskRabbit said it’s investigating the matter with law enforcement and a cybersecurity firm (BBC). It advised users to change their passwords for TaskRabbit and other apps and websites.
The app and its website remain temporarily closed.
We’re investigating a cybersecurity incident, and our app and site are down while the team works on this. Thank you for your patience while we look into this matter. pic.twitter.com/d61J1c3eh1
— TaskRabbit (@TaskRabbit) April 16, 2018
While Gizmodo reported it’s unknown if any users’ personal or payment information had been compromised, the UK’s information commissioner’s office said it was “aware of a potential data breach” and was “looking into” the matter.