A Tuesday piece in the Washington Post said the hackers penetrated the DNC’s networks, read emails and chats, and accessed the committee’s database on the Republican presidential hopeful.

They reportedly had access to the systems for a year, before the DNC kicked them off over the weekend, with the help of security firm CrowdStrike. The story was confirmed by NBC News. The DNC did not immediately respond to a request for comment from Fortune.

Get Data Sheet, Fortune’s technology newsletter.

According to CrowdStrike, the intrusions were the work of two separate hacker groups, working for different Russian intelligence services.

It called one “Cozy Bear” and the other “Fancy Bear”—it was the latter that stole the opposition research files, allegedly for Russian military intelligence, while the former spied on the DNC’s communications, perhaps for the FSB (formerly the KGB).

“When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately,” DNC chairwoman Debbie Wasserman Schultz (D-Fla.) was quoted as saying. “Our team moved as quickly as possible to kick out the intruders and secure our network.”

For more on Trump, watch our video.

The intruders reportedly used flaws in applications on the DNC’s systems to access the data. It’s not clear how they got in in the first place, although it may have involved “spear phishing,” where the hacker suckers an employee at the targeted organization into clicking on something they shouldn’t.

Security expert Chris Soghoian was quick to highlight the irony here, given Hillary Clinton’s repeatedly-stated antipathy towards strong encryption:

https://twitter.com/csoghoian/status/742754598457364480

CrowdStrike was the same company that conducted an investigation for the DNC into the episode where Bernie Sanders’ staffers improperly accessed voter data information from Hillary Clinton’s campaign.