The trio was part of a "cyber fox hunt" co-hosted by the University of Melbourne, according to a report published by the ABC.
The aim of the competition was to explore how the metadata retention law affects residents' privacy.
Twelve teams took part in the contest and used software to search a database of mobile, internet and location metadata. Only one team failed to find the target and the winning team took just an hour to do so.
Metadata includes addresses of people emailed, numbers called, time, date and duration of calls, phone location, and mobile postal and billing addresses.
One of the students, Gen, 12, told the ABC that tracking down the whistleblower was much easier than she had expected.
""Basically what happened was we found the data that had the Google searches and the ones that corresponded with searches the whistleblower would use. We then found the IP address they used with the Google searches and we linked the IP address to their email. We used the email to find their phone number and their address."
Melbourne University technology researcher Suelette Dreyfus, an organiser of the event, expressed shock, surprise and horror at the speed with which the whistleblower was tracked down.