The massive hack at the Office of Personnel Management was the work of online criminals, not state-sponsored cyber spies, according to a report in the official Chinese media.
Buried in an article covering this week’s U.S.-China cybersecurity talks, the English-language state-run media outlet Xinhua News said an unspecified investigation discovered the hack — which saw sensitive information, including the Social Security numbers, of 21.5 million individuals, stolen from OPM — was a criminal case, and not an act of espionage.
That contradicts the widely reported notion that the Chinese government was behind the hack. The Obama administration has never publicly blamed China, but current and former intelligence officials have said the hack was carried out by or on behalf of Beijing’s intelligence agency.
That portion of the Xinhua report does not appear to be included in the agency’s Chinese-language coverage of the talks, according to the New York Times.
[Read our complete timeline of the OPM hacks here.]
Up until this point, there has been no evidence that those responsible for the hack have used the information for any sort of crime, such as identity theft. In the wake of the hacks, the government issued a $133 million contract for identity monitoring for those affected by the hack.
The talks this week have been quiet, with both sides staying mum in the lead-up on what was to be discussed.
UPDATE (3:30 p.m.): The Washington Post, citing unnamed U.S. officials, reports that China says it has arrested people allegedly responsible for the OPM breach. It is unclear if they are affiliated with the Chinese government or considered rogue actors.