Britain’s budget watchdog has said the early leak of its budget documents before Rachel Reeves made her speech was the “worst failure” in its 15-year history as it emerged a similar breach had occurred earlier this year.
The Office for Budget Responsibility (OBR) said an investigation had found that the leadership of the organisation, over many years, was to blame for the early release of its Economic and Fiscal Outlook (EFO) document online nearly an hour before Reeves’s address last Wednesday.
After an investigation headed by the OBR’s chief of staff, Laura Gardiner, and Ciaran Martin, the former head of the National Cyber Security Centre, the report said a weakness in its procedures was likely to have been pre-existing, and it would audit and improve its systems.
The organisation also admitted that its previous report, published in March alongside the spring statement, had also been accessed “prematurely” – five minutes into Reeves’s speech after being uploaded online before it was supposed to be, at the end of the speech.
“We are in no doubt that this failure to protect information prior to publication has inflicted heavy damage on the OBR’s reputation. It is the worst failure in the 15-year history of the OBR,” they said.
It said the Treasury and the Cabinet Office should also shoulder some of the responsibility for maintaining IT systems that lacked the level of security needed to prevent unregulated access by outside bodies.
The EFO document set out all the key announcements on taxes, growth and individual policy changes, leading to mockery and anger among some MPs in parliament.
The investigation found: “Pressure on the small team involved to ensure that the full Economic and Fiscal Outlook – a substantial document – and many associated spreadsheets and other documents would be available immediately after the chancellor sat down had led to the use of a pre-publication facility, a commonly used device that however created a potential vulnerability if not configured properly.
“The security of this brief phase in the production of the EFO had not, over the years, received the same amount of attention by the OBR as the ongoing necessity of ensuring security of communications with the Treasury during the long period of run-up to the budget.
The terms of reference for the inquiry referred to a “publication error” and said its starting point would be that “the OBR inadvertently made it possible to access the November 2025 EFO too early on budget day”.
Before the nature of the mistake became clear, the OBR chief, Richard Hughes, suggested in an interview with the BBC that “an external person” may have prematurely been able to access the link to its budget report.
Hughes later wrote to the chancellor, Rachel Reeves, and the chair of the Treasury select committee, Meg Hillier, to apologise and said he was “mortified”.
He said he would resign if he lost the confidence of Reeves or the TSC.
“The ultimate responsibility for the circumstances in which this vulnerability occurred and was then exposed rests, over the years, with the leadership of the OBR,” the report said on Monday.
The OBR was created in 2010 by the then chancellor, George Osborne, to provide independent forecasts for the economy – including inflation, unemployment and the outlook for economic growth – with a view of how tax receipts and spending commitments will affect the public finances over a five-year period.
Previously, the Treasury had made its own judgment of economic growth and how much the government would need to borrow, raise taxes or cut spending to balance the books.
Separately, Reeves has denied lying to the public in the buildup to last week’s budget, insisting that she needed to raise taxes to a record level to ensure economic stability.
