The **Office for Budget Responsibility (OBR)**, the UK’s independent fiscal watchdog, suffered a **critical data breach** when its **full fiscal forecast and key budget measures** were **prematurely published online**—**30 minutes before Treasury Chief Rachel Reeves’ official announcement** in the House of Commons. The leak, attributed to a **‘technical error’**, exposed **sensitive economic projections, tax policies, and financial strategies** meant to remain confidential until the formal budget release. The incident occurred amid **political turmoil**, undermining public trust in the government’s ability to manage confidential information.The OBR acknowledged the **serious error**, pledging investigations and reports to relevant authorities, including the Treasury. The leak **disrupted market expectations**, risked **insider trading or speculative financial moves**, and **embarrassed the Labour government**, which was already grappling with **internal dissent, broken election pledges, and economic instability**. While no **direct financial theft or ransomware** was involved, the **unauthorized disclosure of high-stakes economic data**—critical to national fiscal policy—**threatened financial market stability** and **eroded institutional credibility**, with opposition parties demanding resignations over the **governance failure**.
Office for Budget Responsibility cybersecurity rating report: https://www.rankiteo.com/company/office-for-budget-responsibility
"id": "OFF4794147112625",
"linkid": "office-for-budget-responsibility",
"type": "Breach",
"date": "11/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': 'UK public, financial markets, '
'political stakeholders',
'industry': 'Public Administration',
'location': 'London, United Kingdom',
'name': 'HM Treasury (UK Government)',
'type': 'Government Department'},
{'industry': 'Public Sector/Economics',
'location': 'London, United Kingdom',
'name': 'Office for Budget Responsibility (OBR)',
'type': 'Independent Fiscal Watchdog'}],
'data_breach': {'data_exfiltration': 'No (data published prematurely on OBR '
'website, not stolen)',
'file_types_exposed': ['PDF (likely), HTML/web content'],
'sensitivity_of_data': 'High (national economic strategy; '
'market-sensitive information)',
'type_of_data_compromised': ['Economic policy documents',
'Taxation plans',
'Fiscal forecasts',
'Welfare reforms']},
'date_detected': '2024-11-06',
'date_publicly_disclosed': '2024-11-06',
'description': "The UK government's 2024 budget details, including a £26 "
'billion tax-raising plan, were leaked online by the Office '
'for Budget Responsibility (OBR) 30 minutes before Treasury '
"chief Rachel Reeves' official announcement in the House of "
'Commons. The OBR attributed the premature disclosure to a '
"'technical error,' calling it a 'serious mistake.' The leak "
'occurred amid political turmoil, including broken election '
'promises, economic struggles, and leadership challenges '
'within the Labour Party.',
'impact': {'brand_reputation_impact': 'High (government credibility '
'undermined; opposition parties '
"criticized Labour's competence; media "
"coverage framed as 'chaos')",
'data_compromised': ['Budget fiscal forecasts',
'Tax policy details (e.g., income tax '
'threshold freezes, mansion tax, capital '
'gains tax changes)',
'Welfare policy changes (e.g., child benefit '
'restrictions lifted)',
'Economic growth projections',
'Public finance buffers (£22 billion)'],
'operational_impact': 'Disrupted controlled budget announcement; '
'political fallout including calls for '
'resignation of Treasury chief Rachel Reeves',
'systems_affected': ['Office for Budget Responsibility (OBR) '
'website']},
'investigation_status': 'Ongoing (OBR internal review announced)',
'motivation': 'Accidental (no malicious intent confirmed)',
'post_incident_analysis': {'root_causes': ["Technical error in OBR's content "
'publication system']},
'references': [{'date_accessed': '2024-11-06',
'source': 'Associated Press (AP)'}],
'regulatory_compliance': {'regulatory_notifications': ['OBR committed to '
'reporting to Treasury '
'and other '
'authorities']},
'response': {'communication_strategy': ['Rachel Reeves labeled the leak '
"'deeply disappointing and a serious "
"error' in Parliament",
'OBR issued a public statement '
"attributing the leak to a 'technical "
"error'"],
'containment_measures': ['OBR removed prematurely published '
'content; issued public apology'],
'incident_response_plan_activated': 'Yes (OBR acknowledged error '
'and committed to reporting '
'to authorities)',
'remediation_measures': ['OBR pledged internal review; report to '
'Treasury and relevant authorities']},
'stakeholder_advisories': ["Rachel Reeves' statement in House of Commons; OBR "
'public apology'],
'title': 'UK Government Budget Leak Incident (2024)',
'type': 'Data Leak / Unauthorized Disclosure',
'vulnerability_exploited': 'Technical error (premature website publication)'}