On June 4, the OPM announced that it was the victim of an attack in which hackers had access to the data of four million federal employees.
That same day, unnamed US officials, in interviews with the Wall Street Journal and the New York Times, said state-backed Chinese hackers were behind the attacks. None of the sources, however, indicated the grounds for the accusations.
The White House has not publicly attributed the attack to anyone, and may never do so.
"I can't promise you that we'll be in a position at any point in the future to make a grand pronouncement about who may have been responsible for this particular intrusion," White House press secretary Josh Earnest said at a June 9 briefing.
Now, three weeks after the hack was revealed, the number of former, current and prospective federal employees who may have had their personal information compromised has swelled to as many as 18 million.
And although a lack of evidence persists, American politicians and officials continue to boldly blame China for the attack, although they have since stepped out of the cover of anonymity.
Senator Harry Reid, the Democratic leader, said the hack into the OPM data was carried out by "the Chinese," without specifying whether he meant the Chinese government or individuals.
More recently, former Arkansas governor and 2016 Republican presidential hopeful Mike Huckabee wrote on his blog:
"We should hack the cell phones of some prominent Communist party leaders, hack the bank accounts of intelligence officials, publicly humiliate Chinese families for political corruption, or wipe-out a few critical Chinese computer systems."
On Thursday, Director of US National Intelligence James Clapper said the Chinese are "the leading suspect" in the massive data breach.
But Admiral Michael Rogers, commander of US Cyber Command and director of the National Security Agency, was quick to correct a reporter who asked how the NSA was going about attributing the breach to the Chinese government.
"You've put an assumption in your question," he responded. "I'm not going to get into the specifics of attribution. It's a process that's ongoing."
In the past, when the NSA has been confident that it knows who is behind an attack, it has been quickly to publicly implicate whom it believed to be guilty, as Patrick Tucker of Defense News points out:
"Rogers's hedged response … comes in stark contrast to the NSA's approach to attribution during the Sony hack. In that case the FBI, working with the NSA and DHS, quickly named North Korea as the perpetrator, resulting in the prompt issuance of sanctions."
As for why that collaboration has not yet worked in the case of the OPM hack, Rogers said: "every dataset is different."
