Chancellor Rachel Reeves’s leaked Budget statement was viewed nearly 25,000 times before being officially delivered to MPs in parliament, a new report has found.
A newly released National Cyber Security Centre investigation has exposed the true scale of November’s Budget leak, revealing the document was accessed a minimum of 24,701 times in the hour preceding the address.
This figure dwarfs the original assessment, which suggested merely 43 people had viewed the prematurely published material.
Furthermore, the Office for Budget Responsibility’s (OBR) economic forecasts appeared online thirty minutes ahead of Ms Reeves’ formal announcement on November 26, triggering a political storm.
The Chancellor’s leaked Budget was viewed nearly 25,000 times before the official release
|
GETTY
In reaction, the Chancellor described herself as being at the “higher end of the angry scale.” The incident ultimately cost OBR chairman Richard Hughes his position.
The NCSC’s forensic examination traced the initial complete download of the forecasts to shortly after 11.35 am that morning, though this success came only after more than 500 prior attempts had failed.
Once accessible, links to the document circulated swiftly across the internet. Within just thirty minutes, the file had been successfully retrieved 20,547 times.
The investigation determined these downloads originated from in excess of 10,000 distinct IP addresses, demonstrating how rapidly the sensitive fiscal information proliferated online.
Chair of the OBR, Office For Budget Responsibility, Richard Hughes, (left) resigned following the November 2025 Budget leak | GETTY
The OBR issued an apology at the time, attributing the incident to a “technical error” and pledging to share its investigation findings with the Treasury to prevent any recurrence.
Announcing his departure fewer than a week after the incident, Mr Hughes acknowledged the gravity of what had occurred, stating: “The inadvertent early dissemination of our Economic and fiscal outlook on November 26 was a technical but serious error.”
He expressed conviction that the organisation could swiftly rebuild its reputation, built over fifteen years of rigorous independent analysis.
Mr Hughes added that he needed to facilitate the body he had “loved leading for the past five years” in moving beyond this “regrettable incident”.
Responding to his resignation, Ms Reeves thanked him for his public service and five years heading the OBR, reaffirming the Government’s commitment to protecting the watchdog’s independence.
The NCSC report set out several recommendations to safeguard future Budgets from similar breaches.
Investigators called for a review of how sensitive fiscal information is compartmentalised, with particular attention to the need-to-know principle.
The report proposed introducing standardised security induction briefings for all government personnel handling confidential Budget material.
Rachel Reeves delivered the Budget in the Commons last year | PA
The report proposed introducing standardised security induction briefings for all government personnel handling confidential Budget material.
Additionally, the Treasury was urged to explore enhanced methods for sharing information securely between departments, including greater reliance on technical controls such as system-enforced access restrictions for the most sensitive measures.
Staff were also to be reminded of their duty under the relevant code to report any approaches from journalists to the communications director.
