The hackers behind the complex malware campaign known as the SolarWinds breach accessed high-level email accounts at the US Department of Homeland Security, according to an AP report. The accounts are believed to belong to Acting Secretary Chad Wolf, appointed by President Donald Trump in November 2019, as well as DHS officials responsible for identifying threats from foreign adversaries.

Monday’s report says the suspected Russian hackers hacked into the email accounts of the very people in the Trump administration whose job it was to catch them. News sources reported in February that DHS was one of the targets of the intrusions, which affected at least nine federal agencies in total in more than 100 private companies. The hackers used malware implanted in software made by SolarWinds, as well as vulnerabilities in software from other companies, to break into a variety of systems.

The SolarWinds hack came to light in December 2020, when security Experts at FireEye, Microsoft and Crowdstrike have identified widespread malware on their customers’ enterprise systems. The hackers had inserted the malware into a legitimate update of popular programs made by SolarWinds, a Texas-based computer software maker. Thousands of companies and government agencies installed the update, and then the hackers focused on a smaller group of targets.

DHS did not immediately respond to a request for comment on Monday. According to the AP, Wolf and other officials used the Signal encrypted chat service on new phones to communicate in the days following the attack.

See also: How to avoid a spear attack. 4 tips to protect yourself from timeless scams