Germany is investigating a security breach of its defence and interior ministries' private networks, a government spokesman has confirmed.
A notorious Russian hacking group known as Fancy Bear, or APT28, is being widely blamed in German media.
They are thought to be behind a number of cyber-attacks on the West, including breaches in the 2016 US election.
The hack was first realised in December and may have lasted up to a year, the DPA news agency reported.
The group is reported to have targeted the federal government's internal communications network with malware.
"We can confirm that the Federal Office for Information Security (BSI) and intelligence services are investigating a cyber-security incident concerning the federal government's information technology and networks," a German interior ministry spokesman said on Wednesday.
He said the attack was "isolated" and had been "brought under control" but declined to comment on reports of Russian involvement.
Fancy Bear was blamed for a similar attack on the lower house of the German parliament in 2015 and is also thought to have targeted the Christian Democratic Union party of Chancellor Angela Merkel.
Officials in the country issued repeated warnings about the potential of "outside manipulation" in last year's German election.
The hacking group has been linked to the Russian state by multiple security experts investigating its international hacks.
They are also known by other names including Sofacy, Pawn Storm, Sednit and Tsar Team.
The group played a key role in 2016's attack on the Democratic National Committee (DNC) in the US, according to security experts.