Treasury has been approached for comment on whether that is what may have occurred, or whether the alleged hack might have been more sophisticated. KEVIN STENT/STUFF It does not yet appear clear if the Budget hack was sophisticated, or a simple case of guessing webpages. Bailey did not believe an offence would have been committed by someone simply guessing webpage addresses "unless they were prompted to enter credentials". Another consideration was that the Treasury website would not usually be a target for hackers as it should generally only contain publicly-available information, Buss said. One of the most common causes of confidential information being exposed by organisations was them accidently allowing hidden webpages to be discoverable, he said.

Source: Stuff May 28, 2019 22:53 UTC