The U.S. Treasury Department announced new sanctions on Friday linked to a significant cyberattack targeting American telecommunications firms and a breach of its own systems.
These sanctions focus on a Chinese hacker believed to be associated with Beijing’s Ministry of State Security, who took part in a recent cyber-intrusion that compromised many Treasury Department workstations.
In addition to the individual, a cybersecurity firm based in China has also been penalized, with U.S. officials asserting that it has direct ties to a hacking group referred to as Salt Typhoon. This group is thought to be responsible for a substantial breach affecting major telecom companies, ultimately granting Beijing access to private communications, including texts and phone calls of an indeterminate number of Americans.
The U.S. government suspects that senior officials and well-known political figures may have had their communications compromised. Deputy Treasury Secretary Adewale Adeyemo emphasized the department’s determination to hold accountable malicious cyber actors targeting American citizens, businesses, and government entities, especially those who sought to compromise the Treasury Department itself.
As a result of the sanctions, the hacker, Yin Kecheng, based in Shanghai, as well as Sichuan Juxinhe Network Technology Co. LTD, will be prohibited from conducting any transactions in the United States.
Earlier in the month, the Treasury also imposed sanctions on another cybersecurity firm located in Beijing for its involvement in various cyberattacks that threatened critical U.S. infrastructure.
The Chinese government has consistently denied U.S. accusations of hacking, including those related to the recent incidents involving the Treasury Department.
Friday's announcement did not disclose additional specifics regarding the extent of the Treasury Department’s breach, which the agency said it first became aware of on December 8. That happened when the third-party service provider, BeyondTrust, alerted officials that hackers had compromised a critical security key used to secure a cloud-based service for providing remote technical support to employees.
With this key in their possession, the hackers could bypass security measures and gain remote access to multiple employee workstations, raising serious questions about the vulnerability of U.S. governmental cybersecurity protocols.