CONFERENCE Now Live: CISO Forum Virtual Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

New Zealand Says Budget Leak Was Bungled, Not Hacked

A security breach that led to the premature release of New Zealand’s budget resulted from an online bungle, not a sophisticated cyberattack as originally claimed, red-faced officials admitted Thursday.

A security breach that led to the premature release of New Zealand’s budget resulted from an online bungle, not a sophisticated cyberattack as originally claimed, red-faced officials admitted Thursday.

The Treasury department called in police this week after the opposition National Party released parts of the government’s annual budget, which was not due for release until Thursday.

At the time, Treasury Secretary Gabriel Makhlouf said his department had fallen victim to a “systematic” and “deliberate” hack, rejecting “absolutely” any suggestion the information had been accidentally posted online.

He was forced into an embarrassing backdown Thursday after police found no evidence that illegal activity was behind the leak.

“On the available information, an unknown person or persons appear to have exploited a feature in the website search tool but… this does not appear to be unlawful,” Makhlouf said in a statement.

He said Treasury prepared a “clone” website ahead of the Budget’s release but did not realise that entering specific search terms on it revealed embargoed information.

Budget documents are a closely guarded secret and Makhlouf said an inquiry would be held to ensure such a breach was not repeated.

This year’s document is the centre-left government’s inaugural “well-being” budget, which it says is a world-first attempt to change the way economic progress is measured, putting people ahead of growth.

Advertisement. Scroll to continue reading.

National leader Simon Bridges called for Makhlouf’s resignation, saying the Treasury boss knew about the bungle days ago because his department fixed the website bug before police were called in.

He accused Makhlouf of sitting on the information and instead going public with an accusation that implied National had carried out an illegal hack.

“Clearly his position is not tenable,” Bridges told reporters.

Finance Minister Grant Robertson, the minister responsible for the budget, declined to publicly back Makhlouf, who is due to leave his position next month and become governor of the Central Bank of Ireland.

“I am… very disappointed that the Treasury did not seek to find more information as to how this happened before referring the matter to the police,” he said in a statement.

He refused to address the matter further in the budget media lock-up at parliament, which Makhlouf did not attend, contrary to normal practice.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Secure enterprise browser provider Menlo Security has appointed Bill Robbins as President.

Erik Rolf has joined Booz Allen Hamilton as the Business Information Security Officer (BISO) of Commercial Sector.

Gant Redmon has joined Trustle as its new Chief Executive Officer and Board Director.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.