When you call yourself “the global leader in secure content collaboration,” you can’t afford security gaffes.
Huddle, a SaaS tool used throughout the U.K. government, learned that the hard way when a BBC journalist logged into its system and was redirected to the wrong account. Imagine his shock when he realized he had access to confidential KPMG financial data.
Luckily for Huddle, the journalist left the sensitive information untouched, but he wasn’t about to leave the story untold. The world soon knew of Huddle’s head-scratching glitch: When two users signed on during a 20-millisecond period, they received identical authentication codes. The first to gain entry could be directed to either user’s account.
