A new report by the U.S. Government Accountability Office (GAO) found that many Federal Agency buildings are owned by people in foreign governments.

The report found that the General Service Administration (GSA) has been placing FBI agents and other high-security officials in buildings that are owned by foreign entities such as Canada, China, Israel, Japan, and South Korea.

The report looked at the GSA leasing of high-security space from foreign owners in at least 20 buildings to 26 tenant agencies.

Those agencies include – the Federal Bureau of Investigation, Drug Enforcement Agency offices, Social Security Administration offices, the U.S. Secret Service and others.

Nine out of the fourteen tenant agencies that the GAO contacted were unaware that the space they occupied was in a building was foreign owned.

While the other five agencies knew and were not concerned or have taken precautionary measures.

The GSA stated that “foreign ownership of government-leased space can pose security risks particularly regarding cybersecurity,” referencing China. The report further noted that “companies in China are likely to have ties to the Chinese government,” as well as federal government warnings about Chinese government hackers targeting private and federal U.S. entities. “China is the leading suspect in the cyber intrusion into the Office of Personnel Management’s (OPM) systems affecting background investigation files for 21.5 million individuals which OPM reported in July 2015,” the GAO added.

“The real property database did not include information on all of the buildings in which GSA leases high-security space,” the GAO report said. “Therefore, the results of our analysis are likely understated and GSA may be leasing more high-security space than what we identified in the 25 leases.”

Congress also sounded the alarm with Senators warning on Friday that Federal officials are putting sensitive materials in foreign-owned buildings opening them up to cyber attacks, espionage and even physical access by foreign spies.

“In some cases the space is used for classified operations and to store sensitive data,” Sen. Steve Daines, R-Mont., and Sen. Tammy Duckworth, D-Ill., wrote in a Thursday letter to acting GSA Administrator Timothy Horne. “Given the highly sensitive information that is often stored at high-security leased sites, we are concerned with the lack of policies and procedures concerning the ownership of these sites.”

“Federal agencies are among the top targets for cyber criminals, with many agencies experiencing thousands of attempted attacks daily,” Duckworth and Daines wrote. “Agencies must have the information necessary to assess and address the risks to their high-security facilities, including cybersecurity vulnerabilities that exist in foreign-owned buildings.”

The report noted that the GAO was unable to identify ownership information for about one-third of the GSA’s 1,406 high-security leases.

“GSA lacks complete information regarding foreign-owned leased space including beneficial owner information (which GAO defined as the person who ultimately owns and controls a company),” the senators noted.

The GAO report concluded with a recommendation that the GSA determine whether the beneficial owner of a high-security leased space is a foreign entity and, if so, that they share that information with the tenant agencies for any needed security mitigation.