MINNEAPOLIS (WCCO) – Hennepin County officials say an email cyberattack compromised the accounts of about 20 employees, and the hackers used the accounts to send malicious emails.

In a statement Thursday, officials in Minnesota’s largest county said the cyberattack is under investigation and the contents of the compromised accounts are being assessed to see if private data was accessed.

The cyberattack happened through a sophisticated phishing email scheme, which targeted county employees around the end of June.

The county says the accounts of approximately 20 employees out of 9,300 were compromised.

Jerome Drissen, the county’s chief information officer, says the county is “aggressively responding,” adding that there will be an increased effort to keep staff and data safe.

The county says its business partners have been notified about the attack, adding that the case has been referred to the FBI.

Also, the county will open its own investigation into the attack and will prepare a report that’ll be available to the public, as required by state law.

A phishing attack is when hackers send emails to employees or private citizens pretending to be a legitimate organization. The fake emails often ask for sensitive information, such as login credentials or credit card numbers.