(Bloomberg) — Hackers stole Social Security numbers and otherpersonal data for about 22.1 million people in breaches of the U.S.government's personnel office, the Obama administration said.

The Office of Personnel Management disclosed the results of aninvestigation into the hacks Thursday. The total includes new datarelated to the breach of security clearance applications as well asinformation previously released on the theft of personnelrecords.

"We live in a world where the cybersecurity threats we arefacing are increasingly growing broader," Michael Daniel, WhiteHouse cybersecurity coordinator, told reporters in a conferencecall announcing the findings. "The adversaries are growing moresophisticated."

The Chinese government is a leading suspect behind the attack,according to Director of National Intelligence James Clapper, somelawmakers and cybersecurity companies that conduct forensicsinvestigations.

Daniel declined to confirm whether China was responsible.However, he indicated the Obama administration already has movedbehind the scenes to take action in response to the attack.

"Just because we're not doing public attribution does not meanwe're not taking steps to deal with the matter," he said.

Breach magnitude

Of the 22.1 million people, 21.5 million were affected in thesecurity-clearance breach, including 19.7 million who applied for abackground investigation and 1.8 million non- applicants such asspouses of applicants. In a separate breach, the agency said 4.2million people had their personnel records stolen. Of those, 3.6million are included in the total released Thursday.

Personal information, including fingerprints and passwords, fromU.S. job applicants who went through federal government backgroundchecks while applying for security clearances was breached in theintrusions, which OPM discovered in April.

There's no evidence that the stolen data is being used forcriminal or other nefarious purposes, Archuleta said.

The new numbers vastly expand the publicly disclosed scope ofthe hack, which targeted federal government employees andcontractors.

'Highly likely'

"If an individual underwent a background investigation throughOPM in 2000 or afterwards," OPM said in a release Thursday, "it ishighly likely that the individual is impacted by this cyberbreach."

OPM said the types of information compromised includes "SocialSecurity Numbers; residency and educational history; employmenthistory; information about immediate family and other personal andbusiness acquaintances; health, criminal and financial history; andother details."

Several government employees have expressed frustration in thewake of the hack, accusing OPM of withholding information about itsscope and failing to provide adequate protections against identitytheft.

U.S. Treasury employees filed suit this week seeking lifetimecredit monitoring and calling the attack a violation of theconstitutional right to privacy. The American Federation ofGovernment Employees placed a full-page ad in Politico on Thursday,calling for OPM to release more information about the scope of thebreach.

"AFGE remains frustrated by the lack of information beingprovided by OPM on the number of current, retired and prospectiveemployees whose information was stolen," the labor union saidThursday in a statement. "OPM also has not detailed whatinformation was stolen, leaving millions of employees anxiouslywaiting for answers."

The union, which has called for free lifetime credit monitoringfor affected individuals, filed a class-action complaint againstOPM last month.

OPM has offered credit monitoring and identity theft services toaffected employees.

–With assistance from Alex Wayne in Washington.