The agency described the incident as "activity of concern … affecting less than 1 percent of employee inboxes" in a Sept. 7 alert that was shared with Politico and confirmed by two U.S. officials, Censor.NET reports
"We have determined that certain employees’ personally identifiable information (PII) may have been exposed," the alert said. "We have notified those employees."
The classified email system was not affected, according to the alert, which was marked "Sensitive But Unclassified."
Watchdog reports have consistently dinged State for its insufficient cybersecurity protections, and last week a bipartisan group of senators asked Secretary of State Mike Pompeo how the department was responding. The secretary has yet to respond to the senators' letter.
Following the email breach, the department convened a task force to examine the incident, according to a U.S. official, who requested anonymity to discuss a security matter.
The State Department confirmed the breach of its cloud-hosted email service in a statement to Politico. "This is an ongoing investigation and we are working with partner agencies, as well as the private sector service provider, to conduct a full assessment," spokeswoman Nicole Thompson said in an email.
The sources who spoke to POLITICO did not say whether the department had identified the hackers behind the breach.
The State Department has always been a top target for hackers, especially those working for foreign governments. One of the most famous cybersecurity incidents in U.S. government history occurred in late 2014, when the NSA and Russian hackers battled for control of State Department servers.
Federal officials told CNN months later that it was the "worst ever" breach of a federal agency. The same Russian hackers also hit the email systems of the White House and the Joint Chiefs of Staff.