A hacking group named Cozy Bear, said to be backed by Russian government agencies, infected over 18,000 US companies and parts of the US government back in March. The hack went undiscovered for months, and was announced only on December 9. The companies affected included Intel, Nvidia, and Cisco.
The hackers exploited vulnerabilities in software from at least three US firms - Microsoft, SolarWinds, and VMware. Most of the attacks came via Solarwind's network monitoring platform - used by hundreds of thousands of customers. Solarwind confirmed that 18,000 were hacked.
This is a historic data breach, and it is still not known what data has been acquired. The victims include an email system used by senior leadership at the Treasury Department.