They appeared to have followed links in a phishing email that led them to the website in question.
This was what caused the breach of the Parliament network that was made public in January, according to the Senate President Scott Ryan who was replying to a question on notice in Senate Estimates.
In another indication that security measures at Parliament are not up to the mark, Ryan also disclosed that all MPs had been advised about the incident - but only after the entire network was shut down, meaning that the emails sent did not reach the intended recipients.
His answer appears to contradict the version put out by the Australian Signals Directorate, which said on 14 April that nation-state actors had breached the Parliament networks.
Mike Burgess, who was the director-general of ASD at the time, told the Senate Foreign Affairs, Defence and Trade Legislation Committee on 5 April: "The level of sophistication here leads us to believe it has to be a state actor. That's our assessment. Of course, that could still be just a very, very clever individual, but we think that's highly unlikely."
Phishing emails are the lowest common denominator when it comes to luring a person to visit a compromised site, though some efforts are better than others with the emails well-written in good English and targeting users who are known to have less technological nous than others.
Ryan's explanation may be designed to divert attention from China which, as usual, has been blamed for the incident by some media.