I admit it, I was wrong. In my last post, I wrote about how in-probable it was that the 2019 NZ Budget hack was just due to someone using the search engine on the website. Well I was wrong. I had expected the IT team at the NZ Treasury to have at least a little bit of competence. Sadly the seem to be incredibly incompetent.
The hack at the Treasury was in fact due to someone searching for the document, and finding it. I am utterly flabbergasted at how the Treasury department handled everything to do with this. Now this certainly does not absolve National of their handling of everything either, but again I am not political and I’m not going to get into that.
Hopefully this entire thing will be a lesson for not only the Treasury department, but all IT and Web teams everywhere in how not to do things. Sadly, I have a feeling this won’t be the last time we see things like this happen. Especially since the Treasury website runs on a very outdated version of Drupal. There needs to be lessons to management everywhere, to listen to your IT team. Give them the tools and the power to change things that they know are wrong. Otherwise, you’ll make a fool out of your entire company.