Budget information at Treasury came under attack 2000 times over 48 hours, the Treasury Secretary says.
Treasury is rushing to beef up security for all Budget documents as the police try to find out who hacked into the department's IT system.
Last night Treasury said in a statement it had gathered enough evidence that its systems had been "deliberately and systematically hacked". It had referred the matter to police, on the advice of the National Cyber Security Centre, and taken steps to increase the security of all Budget-related information.
"We identified multiple and persistent attempts to gain unauthorised access to our systems, and specifically budget related information," Treasury Secretary Gabriel Makhlouf told Morning Report.
Someone tried 2000 times over 48 hours to access Budget related information, he said.
It started around midnight on Sunday and ended when Treasury discovered it and shut everything down yesterday.
"Like the rest of the country we discovered on the news that some information - obviously not the whole Budget - but some information was being published."
There were safeguards in place but someone had found a weakness in the system.
"Somebody managed to penetrate and get some, not the whole Budget, some information."
The information released by National would appear to be the data from Treasury, but he was not accusing National of taking it nor saying that the two were connected.
"I have no evidence that tells me that the two are related," he said.
He was letting police work out what happened.
"I'm not going to speak to the National Party about information. It's up to the police to decide what they want to do."
He said no documents were put on Treasury's website accidentally. "This was a deliberate and systematic attempt to gain access to information that wasn't ready for public release."
"We identified multiple and persistent attempts to gain unauthorised access to our systems' - Gabriel Makhlouf
"Imagine you've got a room in which you have placed important documents that you feel are secure they're bolted down under lock and key, but unknown to you one of those bolts has a weakness, and someone who attacks that bolt deliberately, persistently, repeatedly finds that it breaks and they can enter and access those papers - and that's what's happened here."
Mr Makhlouf has set up a review which he said may discover things they could have done better, but as of yesterday no information was accidentally put on the Treasury website.
After the Treasury statement Finance Minister Grant Robertson contacted the National Party and asked them to stop releasing any further material given the seriousness of the situation.
But National Party leader Simon Bridges hit back on Twitter, saying Mr Robertson was falsely smearing his party and when what had occurred was revealed the minister would need to resign.
National released documents it said compiled spending in 18 of the 40 policy areas in the 2019/2020 year, including Defence, Forestry, DHBs, and overseas aid.
Finance Minister Grant Robertson, in a hastily-called media conference yesterday, said some figures were right, but some were wrong.
National Party leader Simon Bridges said he was confident in the information and would not reveal where it came from. "I think what it shows is a loose, incompetent government", he said.
Budget information is the government's best kept secret, and any breach of this heavily-guarded information is a major concern.
Mr Makhlouf said Treasury had now restricted access "significantly" to Budget information.
"A lot of the people who would normally have access to the information to prepare material for Budget Day no longer have that information.
"We think we'll still be able to deliver the Budget on Thursday, but it is to the inconvenience of a number of people who would normally have access to it."
There was no evidence a Treasury staff member was leaking information, he said.