A data breach of millions of US government employees allowed Chinese hackers to access sensitive information including security clearances of the workers and contractors, the Washington Post said Friday.
The report said investigators are looking at two separate attacks, widely believed to be from China, accessing government employee records in a database at the Office of Personnel Management (OPM).
The database "is very sensitive and it has lots of interfaces to it," a US official told the newspaper on condition of anonymity.
The report, which called the breach "wider than first acknowledged," said the database could possibly contain files on some CIA employees.
"That's the open question -- whether it's going to hit CIA folks," a second official was quoted as saying. "It would be a huge deal. They could start unmasking identities."
The database contains personal information on employees including their financial histories, investment records, family data, contacts with foreigners and names of neighbors and friends, according to the report.
Earlier this week, a public employees union said the hackers obtained sensitive information on all federal employees.
Samuel Schumach, spokesman for the OPM, would not confirm if the hack originated in China.
An investigation that included the FBI found that "there was a high degree of confidence that OPM systems containing information related to the background investigations of current, former, and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated," he said.
The OPM was still assessing how many people had been affected, he added.