TaskRabbit, the Ikea-backed business that provides handy persons for hire, appears to be the victim of a cyberattack. The site has been down for at least a day, with few details emerging.

Customers received an email from the service yesterday. Today, that content is posted on TaskRabbit’s website. The essence of the message is that the company is investigating a data breach; its app and website are offline; and users should change their passwords if they’ve used the same one on other websites.

What do we know about the TaskRabbit data breach? 

As news of the incident broke on Monday, there appeared to be confusion as to what exactly happened. Gizmodo reports, “On Twitter, TaskRabbit referred to the incident as a ‘technical issue,’ but TaskRabbit users were told by email the company was investigating a ‘cybersecurity incident.”

Although the company did not state exactly how many customers were impacted by the attack, an anonymous source reported that as many as 35% of users may have been affected.

*Article update: Social security numbers and bank account numbers among contract employees may have been compromised in the data breach.

How did TaskRabbit respond?

For individuals affected by the data breach, the company is offering 12 months of complementary identity monitoring and/or restoration services.

How can users ensure cyber safety in the wake of this type of data breach? 

People should be sure to change their passwords after a relevant data breach is made public.

What else should people know about this data breach? 

At least one TaskRabbit account holder claimed on Twitter to have received a phishing email that redirected them to a github site that revealed daily transaction volumes and employee information.

Get more on this unfolding data breach story at Gizmodo.