Netherlands’ spy service broke into the computers used by a powerful Russian hacking group and may be sitting on evidence relating to the breach of the U.S. Democratic National Committee, a Dutch newspaper and television show jointly reported Friday.

Reports carried in the respected daily Volkskrant and the current affairs show Nieuwsuur say hackers working for the Dutch General Intelligence and Security Service penetrated the computers used by the group, often nicknamed Cozy Bear, in mid-2014 and watched them for at least a year, even managing to catch the hackers on camera.

Dutch officials declined comment; Interior Minister Kajsa Ollongren, interviewed by reporters in The Hague before the government’s weekly cabinet meeting, said she was “very happy that we have good security services in the Netherlands that do their work well. I can’t say anything about this case that has been published.”

Volkskrant and Nieuwsuur said that the Dutch spies used their access to help oust Cozy Bear from U.S. State Department computers in late 2014. Volkskrant said American spies were so grateful they sent the Dutch cake and flowers.

Cozy Bear would later be identified as one of two Russian government-linked hacking groups that broke in to the DNC ahead of the 2016 presidential election; the other is usually called Fancy Bear. Cybersecurity firm CrowdStrike says the two groups operated independently.

Unmasking the Cozy Bear hackers would provide key evidence for investigators trying to unravel the DNC breach, but it may not dispel the mystery surrounding the leaks that followed.

A recent AP investigation found that all but one of the two dozen or so officials whose emails were published in the run-up to the 2016 election were targeted by Fancy Bear, suggesting a separate Russian intelligence operation may have been responsible.

Satter reported from London.