The U.S. Treasury Department said a Chinese state-sponsored hacking operation used third-party software to break into the desktop computers of Treasury employees in what the department called a “serious incident.”

In a letter seen by NBC News, Aditi Hardikar, assistant secretary for administration at the U.S. Treasury Department, wrote that the office was notified of the breach on December 8. The letter is addressed to Sen. Sherrod Brown, D-Ohio, and Sen. Tim Scott, R-S.C., the chairman and ranking member, respectively, of the Banking, Housing and Urban Affairs Committee.

The information accessed by the “threat actor” included unclassified documents, according to the letter.

Hardikar wrote that the U.S. Treasury Department was notified by “a third-party software services provider, BeyondTrust, that a threat actor gained access to a key used by the provider to secure a cloud-based service that provides remote support to the Treasury Department from the Remotely Serves Offices (DO) End Users.”

With this access, the “threat actor” was able to override certain security measures and access the department’s user workstations.

The U.S. Treasury Department worked with the Cybersecurity and Infrastructure Security Agency, the FBI and other members of the intelligence community, as well as “third-party forensic investigators to fully characterize the incident and determine its overall impact,” the letter said.

In a statement to NBC News, a Treasury Department spokesperson cited the contents of the letter, saying that “the compromised BeyondTrust service has been taken offline” and that there is “no evidence that the threat actor continues to have access to Treasury systems or information.” “.

“Treasury takes all threats to our systems and the data they store very seriously. Over the past four years, Treasury has significantly strengthened its cyber defenses, and we will continue to work with private and public sector partners to protect our financial system from threat actors,” the statement reads in part.

Other agencies helped the U.S. Treasury Department conclude that the breach came from Chinese hackers, the letter said.

The letter states that a supplementary report will be provided within 30 days.