Chinese hackers are suspected of carrying out a "massive breach" affecting the data of millions of US government workers, officials said.
The Office of Personnel Management (OPM) confirmed on Thursday that almost four million current and past employees have been affected.
The breach could potentially affect every federal agency, officials said.
Susan Collins, a member of the Senate Intelligence Committee, said the attack was thought to originate in China.
The Chinese embassy in Washington warned against "jumping to conclusions".
Embassy spokesman Zhu Haiquan told Reuters news agency that the accusations were "not responsible, and counterproductive".
It is the scale of what the OPM calls a "cyber intrusion" in April this year that is breathtaking - the records of four million former and current government employees may have been breached.
The agency is contacting all of those potentially affected, offering to insure them against identity fraud. Of even greater concern may be the fact that security clearance information on government officials could have been targeted.
US officials are only too aware of the real damage caused by such virtual threats. In the past year, a growing number of government agencies and companies - most notoriously Sony Pictures - have fallen victim to such attacks.
OPM serves as the human resource department for the federal government. The agency issues security clearances and compiles records of all federal government employees.
Information stored on OPM databases includes employee job assignments, performance reviews and training, according to officials.
The breach did not involve background checks and clearance investigations, officials said.
Mrs Collins called the breach "yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances".
Using a new cyber security system known as Einstein, the OPM detected a "cyber-intrusion" in April 2015. The FBI said it was investigating the breach.
Ken Ammon, chief strategy officer of Xceedium - a cyber security firm - warned that the hacked data could be used to impersonate or blackmail federal employees with access to sensitive information.
Congressman Adam Schiff has called for cyber databases to be upgraded in light of the most recent attack.
Americans "expect that federal computer networks are maintained with state of the art defences", Mr Schiff said.
"The cyber threat from hackers, criminals, terrorists and state actors is one of the greatest challenges we face on a daily basis, and it's clear that a substantial improvement in our cyber databases and defences is perilously overdue."