China hacked into the federal government’s network, compromising four million current and former employees' information. The Post's Ellen Nakashima talks about what kind of national security risk this poses and why China wants this information. (Alice Li/The Washington Post)

China dismissed American computer hacking allegations on Friday as “irresponsible and unscientific” after Washington accused Beijing of stealing personnel data on millions of federal employees.

On Thursday, U.S. officials said hackers working for the Chinese state had breached the computer system of the Office of Personnel Management in December, potentially compromising the data of about 4 million current and former federal employees.

Chinese Foreign Ministry spokesman Hong Lei said Beijing wanted to cooperate with other nations to build a peaceful and secure cyberspace.

“We wish the United States would not be full of suspicions, catching wind and shadows, but rather have a larger measure of trust and cooperation,” he told a regular news briefing,

Beijing routinely rejects any allegation of official involvement in cyber attacks on foreign targets, and routinely notes that China is itself the target of hacking attacks.

“We know that cyber hacking attacks are anonymous and transnational, and it is hard to track the source,” Hong said. “It’s irresponsible and unscientific to make groundless accusations without deep investigation and research.”

The hack was the largest breach of federal employee data in recent years, and the second major intrusion of the same agency blamed on China in less than a year.

China’s military is believed to have made cyber warfare capabilities a priority more than a decade ago. In May 2014, the U.S. Justice Department indicted five Chinese People’s Liberation Army officers for hacking into U.S. companies’ computers to steal trade secrets, and the issue has become a major irritant in the two nations’ relationship.

In a commentary, the state news agency Xinhua said the latest allegations were still “waiting to be supported by proof,” and were just another case of “Washington’s habitual slander against Beijing on cyber security.”

Revelations by former National Security Agency contractor Edward Snowden had shown the U.S. government has “long been engaged in large-scale, organized cyber theft, wiretapping and supervision of political figures, enterprises and individuals of other countries, including China,” the essay continued.

It was, Xinhua added, time for the United States to stop applying double standards and making unfounded accusations against China.

The nationalist Global Times said the United States had failed to provide sufficient evidence for previous accusations, and said the latest charges were “not worth refuting at all.”

The Office of Personnel Management, using new detection tools, discovered the breach in April, according to officials at the agency who declined to discuss who was behind the hack.

Other U.S. officials, who spoke on the condition of anonymity, citing the ongoing investigation, identified the hackers as being state-sponsored.

One private security firm, iSight Partners, says it has linked the OPM intrusion to the same cyber­espionage group that hacked the health insurance giant Anthem. The FBI suspects that intrusion, discovered in February, was also the work of Chinese hackers, people close to the investigation have said.

The intruders in the OPM case gained access to information that included employees’ Social Security numbers, job assignments, performance ratings and training information, agency officials said. OPM officials declined to comment on whether payroll data was exposed other than to say that no direct-
deposit information was compromised. They could not say for certain what data was taken, only what the hackers gained access to.

“Certainly, OPM is a high-value target,” Donna Seymour, the agency’s chief information officer, said in an interview. “We have a lot of information about people, and that is something that our adversaries want.”

In the current incident, the hackers targeted an OPM data center housed at the Interior Department. The database did not contain information on background investigations or employees applying for security clear­ances, officials said.

By contrast, in March 2014, OPM officials discovered that hackers had breached an OPM system that manages sensitive data on federal employees applying for clearances. That often includes financial data, information about family and other sensitive details. That breach, too, was attributed to China, other officials said. OPM officials declined to comment on whether the data affected in this incident was encrypted or had sensitive details masked. They said it appeared that the intruders are no longer in the system.

Hacking U.S. storm trackers

Postal Service has been hit

China takes softer line over accusations of North Korea cyber-sleuthing

Ellen Nakashima in Washington contributed to this report.