Chinese state-sponsored hackers breached the U.S. Treasury Department's computer security guardrails this month and stole documents in what Treasury called a "major incident," according to a letter to lawmakers, opens new tab that Treasury officials provided to Reuters on Monday.

The hackers compromised third-party cybersecurity service provider BeyondTrust and were able to access unclassified documents, the letter said.

Chinese hackers remotely accessed several U.S. Treasury Department workstations and unclassified documents after compromising a third-party software service provider, the agency said Monday.

The department did not provide details on how many workstations had been accessed or what sort of documents the hackers may have obtained, but it said in a letter to lawmakers revealing the breach that “at this time there is no evidence indicating the threat actor has continued access to Treasury information.” The hack was being investigated as a “major cybersecurity incident,” it added.

The U.S. Commerce Department is moving to further crack down on China Telecom's (601728.SS) U.S. unit over concerns it could exploit access to American data through their U.S. cloud and internet businesses by providing it to Beijing, a source told Reuters.

The source confirmed a New York Times report that the department last week sent China Telecom Americas a preliminary determination that its presence in U.S. networks and cloud services poses U.S. national security risks and gave the company 30 days to respond.

The Biden administration has taken its first step to retaliate for China’s broad hack of American telecommunications firms, moving to ban the few remaining operations of China Telecom in the United States.

In a notice issued last week to China Telecom Americas — the U.S. subsidiary of one of China’s largest communications firms — the Commerce Department detailed a preliminary finding that the company’s presence in American networks and its provision of cloud services posed a national security risk to the United States.

Seven U.S. allies warned that a Chinese state-sponsored hacking group poses a threat to their networks, in an unusual coordinated move by Western governments to call out a global hacking operation they say is directed by Beijing’s intelligence services.

Microsoft’s president told Congress on Thursday his company accepted responsibility for major security failures that let China-linked hackers penetrate federal government computer networks, but defended his company’s presence in China.

Brad Smith struck a humble tone in his testimony before the House Homeland Security Committee and promised that the giant tech firm would fix security gaps in its products, which are widely used across federal agencies.

U.S. Commerce Secretary Gina Raimondo and senior officials at the State Department were victims of a newly discovered Chinese hacking campaign, American officials said Wednesday, a targeted spying effort in the spring that coincided with a Biden administration push to soothe rising tensions with Beijing.

Over two dozen government agencies in Western Europe and the United States were hacked by a China-based espionage group, according to Microsoft and U.S. national security officials.

The hackers accessed Microsoft-powered email accounts at the agencies as part of a continued effort by China-based actors to spy on and steal sensitive government and corporate data. The hacking group, code-named Storm-0558 by Microsoft, also compromised personal accounts “associated” with the agencies, likely employees of the agencies.

Chinese state-linked hackers secretly accessed email accounts at around 25 organizations, including government agencies, in a sweeping cyberespionage campaign, Microsoft said Wednesday.

Microsoft did not say which organizations or governments had been affected by the digital intrusion, but the White House said the U.S. had reported it to Microsoft.

National Security Council spokesman Adam Hodge said in a statement on Wednesday that an intrusion in Microsoft's cloud security had "affected unclassified systems."

News Corp, publisher of The Wall Street Journal, said Friday that it had been hacked and had data stolen from journalists and other employees, and a cybersecurity firm investigating the intrusion said Chinese intelligence-gathering was believed behind the operation.

The Journal, citing people briefed on the intrusion, reported that it appeared to date back to February 2020 and that scores of employees were impacted. It quoted them as saying the hackers were able to access reporters’ emails and Google Docs, including drafts of articles.