FBI, NSA say ongoing hacks at US federal agencies ‘likely Russian in origin’

U.S. authorities have indicated that hackers, believed to have originated in Russia, are accountable for security breaches impacting the networks of a minimum of 10 U.S. federal organizations and numerous prominent technology firms, notably FireEye and Microsoft.
A joint announcement released on Tuesday by the FBI, the NSA, and CISA – the cybersecurity division of Homeland Security – stated that the government is “currently assessing the full extent” of the intrusions, but considers them likely to be an intelligence-gathering operation.
According to the announcement, these compromises are “currently in progress.”
While the statement refrained from identifying the affected agencies, reports suggest that the Treasury Department, the State Department, and the Department of Energy are among those impacted.
“This represents a significant security incident demanding continuous and focused efforts to resolve,” the statement affirmed. “This collaborative effort will persist in undertaking all essential measures to investigate, rectify the situation, and disseminate information to our collaborators and the public.”
Details regarding this extensive espionage undertaking surfaced in early December following the discovery by FireEye, a leading cybersecurity company often consulted by victims of cyberattacks, that its own network had been compromised. Shortly thereafter, reports emerged indicating that multiple government agencies had also experienced infiltration.
All organizations affected utilize software from U.S.-based company SolarWinds, specifically their Orion network management tools, which are widely employed throughout the U.S. government and within Fortune 500 corporations. FireEye explained that the attackers gained access to SolarWinds’ network and distributed a compromised software update to its user base, enabling them to readily access the systems of thousands of companies and agencies that installed the malicious update.
Approximately 18,000 customers downloaded the compromised software update; however, the government’s joint statement clarified that it estimates only a “limited subset” have experienced further compromise through subsequent activity on their systems.
Multiple news sources had previously connected the attacks to a Russian intelligence organization known as APT 29, also referred to as Cozy Bear, which has been associated with various espionage-related attacks, including attempts to acquire research related to coronavirus vaccines.
The government’s statement on Tuesday marks the first official acknowledgment of the likely source of the campaign.
Russia has previously issued denials regarding any involvement in these hacking incidents.