One sign: None of the data has been credibly offered for sale on underground markets popular among professional identity thieves, The Associated Press has learned.
Investigators inside US intelligence and law enforcement agencies, using secret "beacons" employed across the Internet, have been monitoring data transmissions across overseas networks for the file properties associated with the American personnel records, and scouring communications among targeted foreign hackers for credible references to the theft, two people directly involved in the investigation said.
Investigators also have watched underground markets where identity thieves peddle information and found no trace of the data stolen from the US Office of Personnel Management, a central government personnel database, they said.
In the chessboard world of espionage, they also acknowledged that by revealing what they said was indirect evidence that spying was actually the motive, it might encourage Beijing's government to sell at least some of the data surreptitiously to implicate identity thieves in what would be a counter-counterintelligence false-flag operation.
More From This Section
The administration acknowledged earlier this month that hackers stole the personnel files and background investigations of current and former civilian, intelligence and military employees, contractors and even job applicants.
Initially, the US said the stolen data included personal identification numbers, birth dates, job actions and other private information for 4.2 million workers.
Days later, it acknowledged that the cyber spies obtained detailed background information on millions of military, intelligence and other personnel who have been investigated for security clearances.
White House spokesman Josh Earnest yesterday said President Barack Obama continues to have confidence in OPM's director, Katherine Archuleta. But some members of Congress urged her to resign.