has reset an unknown variety of buyer passwords after confirming it detected “suspicious exercise” on its community.
The -owned on-line market for on-demand labor stated it reset person passwords out of an abundance of warning and that it “took steps to forestall entry to any person accounts,” a TaskRabbit spokesperson informed TechCrunch.
“As all the time, the security and safety of the TaskRabbit neighborhood is our precedence, and we’ll proceed to be vigilant about defending our customers’ private data,” stated the spokesperson.
However TaskRabbit didn’t instantly elaborate or present solutions to our questions, together with if it deliberate to tell clients of the breach, what knowledge — if any — was taken, or if the breach had been remediated.
TaskRabbit clients have been alerted to the incident in a imprecise e-mail that solely famous their password had been lately modified “as a safety precaution,” with out saying what particularly prompted the account change. TechCrunch confirmed that the e-mail was reputable.
The password reset e-mail despatched to TaskRabbit clients. (Picture: Sarah Perez/TechCrunch)
It’s not unusual for corporations to reset passwords after a safety incident the place buyer or account data is accessed or stolen in a breach. But it surely’s uncommon for corporations to reset person passwords unrelated to a safety incident.
Final 12 months, on-line attire market StockX reset buyer passwords after initially citing “system updates,” however later admitted it took motion after it found suspicious activity on its community. Days later, a hacker offered TechCrunch with 6.8 million StockX account records stolen from the corporate’s servers.
TaskRabbit’s freelance labor market was based in 2008, and grew over time from an auction-style platform for negotiating duties and errands to a extra mature and tailor-made market to match clients with contractors. That ultimately attracted the eye of furnishings retailer IKEA, which bought the startup in September 2017 after TaskRabbit put itself in the marketplace for a strategic purchaser.
The 12 months after the acquisition, nonetheless, TaskRabbit had to take its website and app down attributable to a “cybersecurity incident.” The corporate later revealed an attacker had gained unauthorized entry to its techniques. Then-TaskRabbit CEO Stacy Brown-Philpot stated the corporate had contracted with an outside forensics team to establish what buyer data had been compromised by the assault, and urged each customers and suppliers to remain vigilant in monitoring their very own accounts for suspicious exercise.
Following the assault, the corporate stated it was implementing a number of new safety measures and would work on making the login course of safer. It additionally stated it will scale back the quantity of knowledge retained about taskers and clients in addition to “improve general community cyber risk detection know-how.”
Brown-Philpot left TaskRabbit earlier this year, and the CEO position has since been filled by former Airbnb and Uber Eats chief, Ania Smith.
Leave a Reply