Russian government-backed spies hacked into the U.S. Treasury and Commerce departments, the Washington Post reported Sunday. The hack, first reported by Reuters, was serious enough that the National Security Council had to be briefed, according to that outlet.

According to the Post, the group—referred to as APT29 or Cozy Bear by cybersecurity experts—is working with SVR, Russia’s foreign intelligence agency. Earlier this week, the paper reported that APT29 was the group behind a hack on FireEye, a top U.S. cybersecurity firm.

“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” John Ullyot, a National Security Council spokesperson, told Reuters.

The agency within the Commerce Department that was hacked was said to be the National Telecommunications and Information Administration, which is in charge of advising the president on telecommunications issues. According to Reuters, those briefed on the matter fear that other government agencies could have been hacked as well.

“We can confirm there has been a breach in one of our bureaus,” a Commerce Department spokesperson said in a statement, according to the Wall Street Journal's Dustin Volz. “We have asked CISA and the FBI to investigate, and we cannot comment further at this time.”