In a statement issued on Thursday, the ACCC said it had investigated the incident, adding that the merger information became public while it was being input into the back-end of the mergers register.
A third-party user tried to access the existing web page while it was being updated and this led to the new information going live for eight minutes before it was noticed and taken down, the ACCC said.
While the ACCC said it had rectified the issue by patching the Drupal software that it uses, there is no indication in the vulnerabilities list for this CMS about any flaw that causes this kind of stuff-up.
“The ACCC has successfully managed highly market-sensitive commercial information for decades and this is the first time, to our knowledge, that a merger decision has been released in this manner.
“We have thoroughly reviewed all of the processes and information technology systems that led to this error, and we want to assure our stakeholders this incident will not be repeated.”
TPG's share price dropped sharply after the news of its proposed merger with VHA being opposed by the ACCC.
The two companies have taken the ACCC to court to challenge the decision.
Contacted for comment, a Drupal spokesman said the project was researching the situation.
"One idea I can share is the list of vulnerabilities in contributed modules," he said. "Most Drupal sites have a mix of contributed modules and even some custom code. It's possible a vulnerability like they describe could be in a contributed or custom module."