Beijing on Friday labelled as "irresponsible" reports that Chinese hackers were behind a massive cyber-attack on personal data of millions of current and former US federal employees.

The US government on Thursday said that hackers accessed the personal data of at least four million current and former federal employees. Officials told US media that China was suspected.

"Cyber-attacks are generally anonymous and conducted across borders and their origins are hard to trace," foreign ministry spokesman Hong Lei said at a regular briefing.

"Not to carry out a deep investigation and keep using words such as 'possible' is irresponsible and unscientific," he added.

"As a result of the incident," uncovered in April, the US Office of Personnel Management said it "will send notifications to approximately four million individuals."

It added that additional exposures "may come to light."

The government's personnel department handles hundreds of thousands of sensitive security clearances and background investigations on prospective employees each year.

It was not immediately clear whether the hack affected President Barack Obama, other senior government officials or the intelligence community.

The Washington Post and other US media cited government officials as saying that Chinese hackers were behind the breach.

"We have seen a lot of media reports and opinions like this recently," Hong said.

The Chinese embassy in Washington countered that such attacks would not be allowed under Chinese law.

"Chinese laws prohibit cyber-crimes of all forms. China has made great efforts to combat cyber-attacks in accordance with Chinese laws and regulations," embassy spokesman Zhu Haiquan said.

The FBI and Department of Homeland Security are said to be leading an investigation into the attack. The FBI in a statement said it "will continue to investigate and hold accountable those who pose a threat in cyber-space."

The government said it will, through a third party, offer $1 million in identity theft protection services at no cost.

"Protecting our federal employee data from malicious cyber-incidents is of the highest priority," Office of Personnel Management director Katherine Archuleta said.

Her agency said the intrusion may have begun late last year and "predated the adoption of the tougher security controls".

The new measures include restricting remote access, screening business connections and deploying anti-malware software.

-Major Breaches-

The incident is the latest in a series of major breaches that have shown the vulnerability of the federal government.

Last year Russian hackers are believed to have accessed unclassified computer systems at the White House and State Department.

Hackers stole information on 100,000 taxpayers from online computers of the US Internal Revenue Service.

The United States has struck an increasingly strident tone about cyber-attacks in recent months.

Admiral Michael Rogers, who heads the National Security Agency and US Cyber Command, has said that future attacks could prompt a response with conventional weapons.

In February, US Director of National Intelligence James Clapper said a steady stream of low-level cyber-attacks posed the most likely danger to the United States, rather than a potential digital "armageddon."

Obama has ranked China and Russia's cyber-attack capabilities as "very good," Iran's as "good," and North Korea's as not "particularly good."

China operates a vast domestic security and surveillance apparatus.

In a recent white paper, Beijing said it would "expedite the development of a cyber-force" within the People's Liberation Army.

In 2013, US Internet security firm Mandiant said its hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies "are based primarily in China and that the Chinese government is aware of them".

One group, it said, was believed to be a branch of the People's Liberation Army called Unit 61398, and digital signatures from its cyber-attacks were traced back to a building in Shanghai.

Last year, five members of the unit were indicted by US federal prosecutors on charges of stealing information from companies, including nuclear plant manufacturer Westinghouse, SolarWorld and US Steel.

China is increasingly concerned about US cyber-spying and has ordered many government departments to avoid using foreign technology.