Another day, another cyberattack.

Hackers accessed tax returns belonging to more than 300,000 people — more than twice officials' initial estimate — when they breached an Internal Revenue Service program in May, stealing taxpayers' personal information and generating nearly $50 million in fraudulent refunds, the agency said this week.

But the IRS hack is just one of more than a dozen cyberattacks on U.S. agencies in recent years, though the exact number and scope of attacks can be hard to gauge because officials are often reluctant to disclose or discuss them, let alone point fingers at suspected perpetrators. SY Lee, a spokesman for the U.S. Department of Homeland Security, told Mashable the agency did not "have a list" of cyberattacks on U.S. agencies.

"I think there's probably some reluctance to admit the depth of the problem," said Wayne Jackson, CEO of Sonatype. "They are way more vulnerable than they would like for us to know."

Overall, though, federal agencies have suffered at least a dozen major data breaches or network intrusions since 2007 — many reportedly at the hands of Russian and Chinese hackers, who have successfully targeted a nuclear research laboratory, the Postal Service, weather and satellite networks, administrative agencies holding sensitive personal information and even the White House itself, according to news reports.

Such attacks — often suspected to be state-sanctioned — are distinct from the kinds of cyber-assaults that have targeted commercial entities, such as retailers or banks. But those, too, are useful and frequent targets for foreign agents. According to a National Security Agency document obtained by NBC News, for instance, Chinese hackers targeted more than 600 government, corporate and private, including big firms like Google and Lockheed Martin, in a five-year period ending in 2014.

While none of the reported hacks have managed to infiltrate government agencies' classified networks, the slew of cyberattacks has allowed hackers to steal valuable personal data — including Social Security numbers, addresses, dates of birth, health records and emails — belonging to millions of Americans, including top government officials.

Experts say these are high-tech means toward an old-fashioned end: Espionage.

When Chinese hackers allegedly broke into the Office of Personnel Management's computer system and stole data belonging to 21 million Americans who had applied for — or knew someone who had applied for — a background check, experts warned that foreign actors could use the information from background check interviews — which includes everything from their financial histories to details about their sex lives — to blackmail or coerce victims.

“They would leverage this data to get to diplomatic, political, military and economic intelligence that they typically target,” John Hultquist, senior manager for cyberespionage threat intelligence at iSight Partners, told the Washington Post in June.

When the hackers' identities are known, diplomatic reasons might keep officials from naming names. But sometimes identifying the perpetrator — especially the skilled ones — is just too hard.

Known breaches of classified information, for example, are rare. That's partly because truly sensitive information is often kept on networks that are never connected to the public internet, Jackson said. But sometimes, it's because the hackers are just that good. Earlier this year, German magazine Der Spiegel reported — that Chinese hackers had stolen "many terabytes" of classified data regarding a new U.S. fighter jet. The theft, which was believed to have occurred in 2007, went unreported for seven years.

"The difficulty of getting to [classified information] would imply a sort of nation-state kind of skill," Jackson said. "Someone with that kind of skill would be very hard to detect because they'd be sufficiently capable that you'd almost certainly never know that they were there."