Advanced Persistent Threat


In 2015, security experts connected state-sponsored attackers working for the Chinese government to one of the most notable data breaches in U.S. history — the attack on the U.S. Office of Personnel Management (OPM).
The attack on OPM compromised over 4 million records, including information on current, former and prospective federal government employees, as well as their family members, foreign contacts and even psychological information.

What you need to know: 

An advanced persistent threat (APT) is a highly advanced, covert threat to a computer system or network in which an unauthorized user manages to break in, avoid detection, and exfiltrate information over an extended period for business or political motives. Typically carried out by criminals or nation-states, its main objective is financial gain or political espionage. While APTs continue to be associated with nation-state actors who want to steal government or industry secrets, cybercriminals with no particular affiliation also use APTs to steal data or intellectual property.

How the attack happens: 

An APT usually combines highly advanced tactics, including a fair amount of intelligence gathering, with less sophisticated methods for getting a foothold in the system (e.g., malware and spear phishing). Whatever the entry point, various methods are used to reach and compromise the target in question and to maintain access. The most common plan of attack is to escalate from a single computer to an entire network by reading an authentication database, learning which accounts have the appropriate permissions, and then leveraging those accounts to compromise further assets. APT hackers will also install backdoor programs (like Trojans) on compromised computers within the exploited environment. They do this to make sure they can gain re-entry even if the credentials are changed later, which is why rotating passwords alone does not evict an APT: the backdoors themselves have to be found and removed.
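The "single computer to an entire network" escalation above leaves a characteristic trace in authentication logs: one account that normally touches one or two hosts suddenly authenticates to many hosts in a short window. The following detection script is an added example, not code from the original post. It works on a constructed, simplified logon record format ("timestamp account source -> destination") rather than a real log source; mapping it onto Windows Security event 4624 or a similar event stream is left to the reader and is an assumption, not something the post describes.

```python
"""Flag accounts whose logons fan out to many hosts within a short window.

Added example, not part of the original post. The record format below is
constructed and simplified: "<ISO timestamp> <account> <src_host> -> <dst_host>".
Feeding it from a real event source (e.g. Windows event 4624) is an assumption.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logons: 'alice' behaves normally, while 'svc_backup' is
# used from a single workstation against six different hosts in three minutes,
# the pattern an attacker produces when harvested credentials are replayed
# across the network.
SAMPLE_LOGONS = """\
2024-03-01T09:00:12 alice WS-11 -> FS-01
2024-03-01T09:05:40 alice WS-11 -> MAIL-01
2024-03-01T09:30:02 svc_backup WS-17 -> DC-01
2024-03-01T09:30:45 svc_backup WS-17 -> FS-01
2024-03-01T09:31:10 svc_backup WS-17 -> FS-02
2024-03-01T09:31:55 svc_backup WS-17 -> HR-DB
2024-03-01T09:32:30 svc_backup WS-17 -> FIN-DB
2024-03-01T09:33:05 svc_backup WS-17 -> WS-23
2024-03-01T13:10:00 alice WS-11 -> FS-01
"""


def parse_logons(text):
    """Parse the constructed format into (time, account, src, dst) tuples."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, account, src, _arrow, dst = line.split()
        records.append((datetime.fromisoformat(ts), account, src, dst))
    return records


def find_fan_out(records, window=timedelta(minutes=10), min_hosts=5):
    """Return {account: set_of_hosts} for every account that authenticated to
    at least `min_hosts` distinct destinations inside some sliding `window`.

    The thresholds are illustrative; tune them against a baseline of what each
    account normally touches before relying on the alert in production.
    """
    by_account = defaultdict(list)
    for ts, account, _src, dst in sorted(records):
        by_account[account].append((ts, dst))

    alerts = {}
    for account, events in by_account.items():
        best = set()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until events[start..end] fit.
            while events[end][0] - events[start][0] > window:
                start += 1
            hosts = {dst for _ts, dst in events[start:end + 1]}
            # Keep the widest spread seen for this account.
            if len(hosts) >= min_hosts and len(hosts) > len(best):
                best = hosts
        if best:
            alerts[account] = best
    return alerts


if __name__ == "__main__":
    for account, hosts in find_fan_out(parse_logons(SAMPLE_LOGONS)).items():
        print(f"ALERT: {account} reached {len(hosts)} hosts within 10 min: "
              f"{sorted(hosts)}")
```

The sliding window matters: an administrator who legitimately touches many hosts over a working day will not trip a ten-minute threshold, whereas replayed credentials typically do. Pairing the alert with the account's usual host set (which the script does not model) reduces false positives further.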

Where the attack comes from: 

Most APT groups are affiliated with, or are agents of, governments of sovereign states. An APT actor could also be a professional hacker working full-time for such a government. These state-sponsored hacking organizations usually have the resources and ability to closely research their target and determine the best point of entry.
