HONG KONG — China has acknowledged for the first time that the breach of the U.S. Office of Personnel Management’s computer systems, which the Obama administration said exposed the personal information of more than 21.5 million people, was the work of Chinese hackers. But China insisted that the breach was the result of criminal activity, not a state-sponsored cyberattack.
HONG KONG — China has acknowledged for the first time that the breach of the U.S. Office of Personnel Management’s computer systems, which the Obama administration said exposed the personal information of more than 21.5 million people, was the work of Chinese hackers. But China insisted that the breach was the result of criminal activity, not a state-sponsored cyberattack.
The assertion came in one paragraph midway through an article published Tuesday by Xinhua, the state-run news agency, about a meeting in Washington between top Chinese and U.S. law enforcement officials, and it raised more questions than it answered.
The session was the first since President Barack Obama and President Xi Jinping of China announced a set of vague rules of the road about what kind of hacking is impermissible. The two countries have promised to work toward a more comprehensive understanding.
The report did not say whether Chinese authorities had identified anyone suspected of carrying out the immense breach of security, which was revealed this year.
The theft, which was extraordinarily sophisticated and continued for more than a year before it was detected, involved the security-clearance forms of millions of federal employees, veterans, contractors and others. The forms include information about health, finances and other personal matters for 19.7 million people who underwent government background checks in the past 15 years, as well as 1.8 million other people, including spouses and friends, according to the Obama administration. Five million of the stolen records included fingerprints.
“Through investigation, the case turned out to be a criminal case, rather than a state-sponsored cyberattack as the U.S. side has previously suspected,” Xinhua reported. It said the issue was discussed in a meeting between Guo Shengkun, China’s minister of public security, and U.S. officials including Jeh Johnson, the secretary of Homeland Security, and Loretta E. Lynch, the attorney general.
U.S. officials are likely to be dubious about the Chinese contention. Investigators have said that the sophistication and length of the attack had the hallmarks of a state-sponsored operation. So did the targets of the attack, because the security information could be used to build a database of federal employees, including many working in the White House, the State Department and the military.
© 2015 The New York Times Company