PublicTechnology

OBR seeks cyber counsel over online budget leak

Ethan Claridge December 1, 2025 in Cyber Security Hub, News - 3 Minutes
Credit: Jaydeep Joshi/Pixabay
The public body with a remit to deliver forecasts and assessments of public finances erroneously made available the chancellor’s plans before they were announced in parliament and is now investigating

The Office for Budget Responsibility has indicated that it will be taking advice from a cybersecurity expert after it leaked an analysis of the budget “in error” on its website. 

Speaking on the BBC Radio 4’s Today programme, OBR chairman Richard Hughes said he was “personally mortified” by the leak and said the results of a full investigation would be reported to MPs. Hughes added that he had written to Rachel Reeves to apologise for the incident, saying he regretted the disruption it caused to the chancellor’s statement. The OBR chief also claimed that Professor Ciaran Martin, a former head of the National Cyber Security Centre, would be consulted to provide “expert input” for the OBR’s investigation.

Journalists were able to access the OBR’s report from 11:40am on Wednesday, some time before the chancellor had even begun announcing the details of the budget. This caused chaos on the front benches as ministers and MPs scrambled to understand what information was available to the public. 

“The documents weren’t published on our webpage itself,” Hughes said. “It appears there was a link that someone was able to access – an external person. We need to get to the bottom of what exactly happened. We’re going to do a full investigation.”

Related content

Those interested in getting a sneak peek of the OBR’s report were able to access it as a PDF by simply replacing the word ‘March’ with ‘November’ in the web address of the for the previous report on the budget. 

The leak comes after the government launched a new bill to update the UK’s cybersecurity earlier this month. The bill is targeted at supporting critical national infrastructure like hospitals, water suppliers and transport networks and is intended to strengthen national security and protect growth by boosting cyber protections for the services that people and businesses rely on every day.

“We pride ourselves on our professionalism at the OBR,” said Hughes. “But we let people down. We are going to do a full investigation. When we make mistakes – we fess up to them, we find out what happened and we make sure they don’t happen again.”

The early release of the OBR’s report caused a period of volatility in the UK bond and currency markets as investors reacted to the information on topics like a three-year freeze on income tax. 

A version of this story originally appeared on PublicTechnology sister publication Holyrood

Related Posts

Home Office plans centralised police tech, digital and AI functions
February 2, 2026
NAO warns of data and IT issues afflicting government finance ops
February 2, 2026
EXCL: GDS plans deployment of AI coding tools to ‘teams across public sector’
January 30, 2026

Ethan Claridge

Learn More →