It said it was made aware of the hack on 8 December by BeyondTrust, a spokesperson told the BBC. According to the company, the suspicious activity was first spotted on 2 December, but it took three days for the company to determine it had been hacked.

The spokesperson said the hackers were able to remotely access several Treasury user workstations and some unclassified documents that were kept by those users.

The department did not specify the nature of these files, or when and for how long the hack took place. They also did not specify the level of confidentiality of the computer systems or the seniority of the staff whose materials were accessed.

The hackers may have been able to create accounts or change passwords in the three days that they were being watched by BeyondTrust.

As espionage agents, the hackers are believed to have been seeking information, rather than attempting to steal funds.