The disclosure by U.S. officials that Chinese hackers stole records of as many as 4 million government workers is now being linked to the thefts of personal information from health-care companies.

Forensic evidence indicates that the group of hackers responsible for the U.S. government breach announced Thursday likely carried out attacks on health-insurance providers Anthem Inc. and Premera Blue Cross that were reported earlier this year, said John Hultquist of iSight Partners Inc., a cyber-intelligence company that works with federal investigators.

The thefts are believed to be part of a larger effort by Chinese hackers to get health-care records and other personal information on millions of U.S. government employees and contractors from various sources, including insurers, government agencies and federal contractors, said an American intelligence official, speaking on condition of anonymity.

The data could be used to target individuals with access to sensitive information who have financial, marital or other problems and might be subject to bribery, blackmail, entrapment and other traditional espionage tools, the official said.

"It is not only the scale that is of interest — 4 million employees — or even that the reason could be to use the information to recruit spies in America, but that people are now part of China-critical nodes in their cyber strategy," said Rosita Dellios, an associate professor of international relations at Bond University on Australia's Gold Coast.

"Usually in cyber strategy, it is critical infrastructure like energy grids, transportation, and satellites that are mentioned. Here we have a whole class of people crucial to U.S. security being targeted," she said.

Previous Attack

The hackers, believed to have links to the Chinese government, got into the U.S. Office of Personnel Management computer system late last year, according to one U.S. official, who asked for anonymity to discuss the investigation. The intrusion was detected in April and it took U.S. investigators a month to conclude that the files had been compromised. It was one of the largest breaches of government personnel data.

Indianapolis-based Anthem, which runs Blue Cross and Blue Shield health plans, said in February that hackers stole information on about 80 million customers, exposing Social Security numbers and other sensitive information. In March, Premera Blue Cross, a Spokane, Washington-based company that operates in the northwestern U.S., said information on 11 million people may have been exposed.

'Hypothetical Accusations'

A spokesman for the Chinese Embassy in Washington, Zhu Haiquan, said his country's laws prohibit cybercrimes and China works to combat violations.

"Cyber-attacks conducted across countries are hard to track and therefore the source of attacks is difficult to identify," he said in an e-mailed statement. "Jumping to conclusions and making hypothetical accusation is not responsible and counterproductive."

The revelations could complicate the agenda for Chinese President Xi Jinping's first state visit to the U.S. in September. Ties between the two countries already are strained over American demands that China stop its island-building program in the South China Sea.

Security Clearances

In the government hack disclosed Thursday, the thieves accessed information on individuals who applied for or were granted security clearances, among other things, according to a person familiar with the investigation who asked for anonymity. Such data often includes detailed interviews with friends and family members as well as information that could disqualify a candidate from receiving a clearance.

The personnel management office provides information on job candidates for agencies across the federal government, including whether those individuals are suitable for employment, according to the OPM website.

The Federal Bureau of Investigation and the Department of Homeland Security are investigating, according to a statement from OPM.

The hackers who breached the government and health company computers used unique techniques that amount to a digital fingerprint of sorts, allowing iSight researchers to link the three with "high confidence," said Hultquist, head of cyber-espionage threat intelligence at the Dallas-based company. Hultquist declined to say whether his company is working on the investigations of the U.S. data breach or the health-care company hacks.

Intelligence Agency

If that link holds up, it would tie some of the largest hacks of the last year to a single group of state-sponsored cyberspies.

Two people familiar with the investigation said the hackers are a unit linked to China's civilian intelligence agency, the Ministry of State Security.

"These aren't criminals and we don't expect this stuff to show up on the black market," Hultquist said. "We're still struggling to understand why this sort of data is being targeted."

The U.S. government plans to notify those who were potentially affected by the breach, and is offering free credit report access, credit monitoring and identity-theft insurance to those whose personal information was compromised.

The OPM said investigators may find that additional personnel files were compromised as they review the breach.

"We take very seriously our responsibility to secure the information stored in our systems," OPM Director Katherine Archuleta said in the statement.

Russian Hackers

Donna Seymour, OPM's chief information officer, said the information stolen was typical for a personnel file, including Social Security number, date and place of birth and benefit selections. Bank accounts and health information weren't included and there's no indication any specific category of workers were targeted, she said.

U.S. Defense Secretary Ashton Carter said in April that Russian hackers had breached an unclassified Pentagon computer network. A "crack team of incident responders" began hunting the Russians within hours, he said in a speech at Stanford University that warned of the danger of cyber-attacks to the U.S. government.

Hackers are believed to have broken into an unclassified White House computer network last year at the behest of the Russian government. Some U.S. officials said the same hackers earlier breached State Department computers.

The White House hack may have been in retaliation for sanctions the U.S. imposed on Russia after its annexation of Crimea in March 2014, a person familiar with the incident said.

The Russian and Chinese governments have regularly dismissed allegations that they employ hackers to target U.S. computer systems.

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.