The U.S. Treasury Department has confirmed a “major incident” involving a state-sponsored Chinese hacking operation that exploited third-party software to infiltrate desktop computers used by Treasury employees.

In a letter obtained by NBC News, Aditi Hardikar, assistant secretary for management at the Treasury, informed Senators Sherrod Brown (D-Ohio) and Tim Scott (R-S.C.) of the breach. The attack, discovered on Dec. 8, targeted unclassified documents, according to the letter.

China has denied the accusations, with Foreign Ministry spokesperson Mao Ning stating at a press briefing, “China consistently opposes all forms of hacking and firmly rejects the spread of false information targeting China for political purposes.”

The breach was traced back to BeyondTrust, a third-party software provider. Hackers exploited a key used to secure a cloud-based service for remotely supporting Treasury Departmental Offices (DO) users. This access allowed them to bypass security measures and access user workstations.

In response, the Treasury has collaborated with the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, intelligence community members, and third-party forensic investigators to assess the breach and its implications fully.

A Treasury spokesperson confirmed to NBC News that the compromised BeyondTrust service has been taken offline and emphasized that “there is no evidence indicating the threat actor has continued access to Treasury systems or information.”

“Treasury takes very seriously all threats against our systems and the data it holds,” the spokesperson stated. “Over the last four years, Treasury has significantly bolstered its cyber defenses and will continue to work with public and private sector partners to protect our financial system from threat actors.”

The breach was ultimately attributed to Chinese hackers with the help of other U.S. agencies, the letter indicated. A supplemental report detailing the incident's findings is expected within 30 days.