The U.S. government says the fingerprints of five times as many people as originally believed were included in the data hacked from Office of Personnel Management computers earlier this year.
OPM says hackers were able to steal the prints of some 5.6 million people; the original estimate was 1.1 million.
All are among the 21.5 million people — mainly government workers who underwent background checks and their families — whose data were stolen in the massive breach disclosed in June.
White House spokesman Josh Earnest said Wednesday that he did not have any further details on who is responsible for the breach, but privately, U.S. officials have pointed to China.
Chinese President Xi Jinping will meet with President Obama later this week, and cybercrimes are expected to be a major topic of their discussions. The U.S. has warned China that economic sanctions may be imposed if the cyberbreaches continue.
Xi has denied that his government is responsible for the attacks.
In response to the OPM hack, the U.S. has offered limited credit monitoring and ID theft protection to those whose records were stolen.
Officials worry the fingerprint data could possibly be used to identify intelligence agents, though they have not seen any evidence of that so far.
In a statement, OPM said federal experts believe that "as of now the ability to misuse fingerprint data is limited. However this probability could change over time as technology evolves."