Details of Budget documents posted by Treasury were able to be exposed through web searches, the agency has confessed.
Police have now called off their hacking investigation and a new enquiry has been been launched into the Treasury IT error by the State Services Commission.
Someone with a IP address from Parliament, Vocus and 2degrees used multiple simple search queries to extract some headline information from the Budget, Treasury said this morning.
That led to accusations of hacking late on Tuesday and to the Police being called in.
Treasury Secretary Gabriel Makhlouf said in his view, there were deliberate, exhaustive and sustained attempts to gain unauthorised access to the embargoed data.
"Our systems were clearly susceptible to such unacceptable behaviour, in breach of the long-standing convention around Budget confidentiality, and we will undertake a review to make them more robust," Makhlouf said.
Treasury had developed a clone of its website to which Budget information was added when each document was finalised.
The agency intended to swap the clone website to the live website on Budget day so that the information was available online.
The clone website was not publicly accessible, but as part of the search function on the website, content was indexed to make the search faster.
Search results could be presented with the text in the document that surrounds the search phrase.
The clone copied all settings for the website including where the index resides. The index on the live site therefore also contained entries for content on the clone site.
Specifically-worded searches would find small amounts of content from the 2019/20 Estimates documents.
Approximately 2,000 search terms were were to find information in the Budget, but no documents were accessible outside of Treasury's network.