On December 7, 2020, the Organization experienced a spike in unusual traffic in the login endpoints for the Organization?s client and tasker mobile applications. The Organization determined that its website and mobile application had been subject to a credential stuffing attack on certain user accounts between December 7 – 14, 2020. The Organization reported it believes the credentials were obtained from a third-party site or app where users used the same password.

File Type: pdf
File Size: 618 KB
Categories: 2021