Treasury was directly but not deliberately responsible for the ‘hack’

That is the effective conclusion from a Newshub exclusive interview with a Treasury insider. Technology provided a public window to the information and Hooton’s tweet from the day before appears to be absolutely accurate.

Hooton hatches the hack

Treasury and GCSB’s National Cyber Security Centre were working on establishing the facts of the incident, Treasury said in a statement.

“While this work continues, the facts that have been established so far are:

• As part of its preparation for Budget 2019, the Treasury developed a clone of its website.

• Budget information was added to the clone website as and when each Budget document was finalised.

• On Budget Day, the Treasury intended to swap the clone website to the live website so that the Budget 2019 information was available online.

• The clone website was not publicly accessible.

• As part of the search function on the website, content is indexed to make the search faster. Search results can be presented with the text in the document that surrounds the search phrase.

• The clone also copies all settings for the website including where the index resides. This led to the index on the live site also containing entries for content that was published only on the clone site.

• As a result, a specifically-worded search would be able to surface small amounts of content from the 2019/20 Estimates documents.

• A large number (approx. 2000) of search terms were placed into the search bar looking for specific information on the 2019 Budget.

• The searches used phrases from the 2018 Budget that were followed by the “Summary” of each Vote.

• This would return a few sentences – that included the headlines for each Vote paper – but the search would not return the whole document.

• At no point were any full 2019/20 documents accessible outside of the Treasury network.

“The nature of these searches ultimately led to unauthorised access to small amounts of content from the 2019/20 Estimates documents, none of which were due to be available to Parliament and the public until Budget Day.”

A Newspaper