FILE - In this Nov. 1, 2017, file photo, traffic along Pennsylvania Avenue in Washington streaks past the Federal Bureau of Investigation headquarters building. The National Republican Congressional Committee said Tuesday that it was hit with a "cyber intrusion" during the 2018 midterm campaigns and has reported the breach to the FBI. (AP Photo/J. David Ake)
FILE - In this Nov. 1, 2017, file photo, traffic along Pennsylvania Avenue in Washington streaks past the Federal Bureau of Investigation headquarters building. The National Republican Congressional Committee said Tuesday that it was hit with a "cyber intrusion" during the 2018 midterm campaigns and has reported the breach to the FBI. (AP Photo/J. David Ake) Credit: J. David Ake

Washington — Thousands of emails were stolen from aides to the National Republican Congressional Committee during the 2018 midterm campaign, a major breach exposing vulnerabilities that have kept cybersecurity experts on edge since the 2016 presidential race.

The email accounts were compromised during a series of intrusions that had been spread over several months and discovered in April, a person familiar with the matter told The Associated Press. At least four different party aides had their emails surveilled by hackers, said the person, who was not authorized to discuss the details publicly and spoke on condition of anonymity.

The committee said an “unknown entity” was behind the hack but provided few other details. A cybersecurity firm and the FBI have been investigating the matter, the committee said. The FBI declined to comment.

Politically motivated cyberespionage is commonplace across the world, but Americans have become particularly alert to the possibility of digital interference since Russia’s meddling in the 2016 election. The theft of Democrats’ emails still is fresh in the minds of many political operatives and lawmakers, who have stepped up defensive measures but still struggle to protect themselves.

Foreign spies routinely try to hack into politicians’ emails to gain insight, ferret out weaknesses and win a diplomatic edge. But hackers often launch sweeping spear-phishing campaigns to gain access to a variety accounts — with no political motivation.

With no immediate suspects and few technical details, it’s unclear what the significance of this latest incursion is.

In August, the Democratic National Committee thought it had thwarted an attempt to break into its massive voter database — but the effort turned out to be an unauthorized test that mimicked what an attack would look like.

CrowdStrike, a California-based cybersecurity company, said on Tuesday the NRCC asked the company in April to “perform an investigation related to unauthorized access” to the committee’s emails. Before that, the company had been helping the committee protect its internal corporate network, which wasn’t compromised.

“The cybersecurity of the committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter,” the committee said in a statement.

The hack first was reported by Politico.

Earlier this year, NRCC Chairman Steve Stivers said the committee — which raises money to support Republican candidates for the House — hired multiple cybersecurity staffers to work with its candidates and promised to do more.

During the 2016 presidential campaign, Russian state-aligned hackers organized the leak of more than 150,000 emails stolen from more than a dozen Democrats. The FBI later said the Russians had targeted more than 300 people affiliated with the Hillary Clinton campaign and other Democratic institutions over the course of the presidential contest.

Special counsel Robert Mueller is now investigating whether people close to Donald Trump’s presidential campaign had advance knowledge of WikiLeaks’ plans.