The State Services Commission is investigating Treasury Secretary and CEO Gabriel Makhlouf further to the National Party managing to retrieve Budget information from Treasury’s website ahead of its public release last Thursday.
While the Commission on Budget day announced it would investigate how the material was accessed, following a request from Makhlouf, it on Tuesday afternoon said it would look into Makhlouf’s handling of the situation in a separate inquiry.
“The investigation will establish the facts in relation to Mr Makhlouf’s public statements about the causes of the unauthorised access; the advice he provided to his Minister at the time; his basis for making those statements and providing that advice; and the decision to refer the matter to the Police,” the Commission said.
“Mr Makhlouf believes that at all times he acted in good faith,” Commissioner Peter Hughes said.
“Nonetheless, he and I agree that it is in everyone’s interests that the facts are established before he leaves his role on 27 June if possible. Mr Makhlouf is happy to cooperate fully to achieve that. I ask people to step back and let this process be completed."
Deputy State Services Commissioner, John Ombler, will lead the investigation. Makhlouf will continue working as usual during this time.
"The investigation announced today is separate to the inquiry announced last week into the unauthorised access of Budget information. The Terms of Reference and who will lead this inquiry, which is expected to take some months, will be announced shortly," the Commission said.
National last week accused Makhlouf of sitting on a lie that the party had "hacked" Treasury’s website to retrieve information about the Budget, when in fact a weakness in Treasury’s IT system meant the information could be found on its website if certain key words were typed into the search bar.
National last Tuesday morning started releasing Budget information. It refused at the time to say how it got the material.
Last Tuesday evening Treasury released a statement claiming it had been “deliberately and systemically hacked”, so further to the advice of the National Cyber Security Centre (which is part of the Government Communications Security Bureau), it had gone to the Police.
Finance Minister Grant Robertson shortly after, in a statement, said he had asked National to stop releasing information.
Then last Wednesday morning Makhlouf did an interview on RNZ, in which he elaborated on the “hack” by saying someone had made over 2000 attempts to get into Treasury’s website. He said the information accessed was similar to that National had drip-fed to the media.
In the evening, National said it would reveal at a press conference the following morning - Budget day - where it got the Budget information from.
But then at 5am Treasury released a statement saying the Police investigation had been dropped, as it turned out the information could be accessed by anyone who searched its website.
Makhlouf conceded there was a weakness in Treasury’s systems that made it susceptible to “unacceptable behaviour” - “deliberate, systemic and persistent” searches of its website.
The State Services Commission released a statement around the same time, saying it would investigate.
Come 8.45am, National Leader Simon Bridges in his press conference detailed how National stumbled upon the information and called for both Makhlouf and Robertson to resign.
Robertson then distanced himself from Makhlouf, expressing his “disappointment” over Treasury not seeking further information about how the Budget material had been obtained, before getting the Police involved.
Hughes on Tuesday said the questions that had been raised about Makhlouf were of “considerable public interest”.
“It’s my job to get to the bottom of this and that’s what I’m going to do,” he said.
Makhlouf is due to start a new job as the Governor of the Central Bank of Ireland on September 1. A spokesperson for Ireland's Finance Minsiter reportedly said the controversy wouldn't affect Makhlouf’s appointment