The House Oversight hearings on OPM in 2015. Photo: Mark Wilson/Getty Images

Last month, Maryland resident Kavira Cross pleaded guilty to applying for fraudulent loans using personal information stolen in the 2015 U.S. Office of Personnel Management breach. The plea immediately raised some uncomfortable questions about the OPM breach, in which 21 million Americans' personal information was stolen.

The big picture: The U.S. attributed the breach to a Chinese intelligence operation. But surely China would not have orchestrated an attack on a federal agency just to help an American woman defraud a credit union? Here's where it's important not to jump to conclusions.

Why it matters: It's hard to look at the Cross plea without wondering about the attribution. "All prior public information was that this data breach was caused by Chinese hackers,” Sen. Mark Warner (D-Va.) wrote in a July 21 letter to the Justice Department. “Yet, according to the DOJ, this information is now in the hands of U.S. residents for illicit use, and may have been as early as 2015."

The U.S. has even arrested a Chinese national last year in the case. If Cross, rather than China, had hacked OPM — again, please don't jump to this conclusion — the U.S. would pay a big price in lost credibility. But experts say there are other explanations in play.

The background: Some of this confusion is of the Department of Justice's making.

  • The original June 18 DOJ press release about the Cross case said she had "participat[ed] in a scheme to use the stolen information of victims of the [OPM breach]." It read to many like the scheme involved either stealing or purchasing stolen OPM records.
  • Three days later, after confusion began to mount, the DOJ scrubbed the press release of any mention of OPM. But a note explain the change didn't answer many of the fundamental questions: "Numerous victims of the [Langley Federal Credit Union] identity theft fraud also identified themselves to DOJ as victims of the OPM Data Breach. The Government continues to investigate the ultimate source of the [personal information] used by the defendants and how this [personal information] was obtained. "

Be smart: "The story is weird, and we don’t know the provenance of the data," cautioned Toni Gidwani, director of research operations at ThreatConnect. "We’re in a space where there are multiple, plausible explanations for how she got the data."

  • Criminals tend to use current events as lures in phishing attacks designed to get people to give up personal information. In fact, in 2015, the Department of Homeland Security's U.S. Computer Emergency Readiness Team warned about phishing attacks related to the OPM theft.
  • OPM, as its name implies, stores data on federal employees and those who applied for federal jobs. Any stolen data set rich in names of current and former federal employees — even, say, a list of Northern Virginia residents — might have significant overlaps with the OPM breach data.
  • It's way too early to question the China attribution, said Gidwani and other experts.

Go deeper

U.S. vs. Google — the siege begins

Illustration: Sarah Grillo/Axios

The Justice Department fired the starter pistol on what's likely to be a years-long legal siege of Big Tech by the U.S. government when it filed a major antitrust suit Tuesday against Google.

The big picture: Once a generation, it seems, federal regulators decide to take on a dominant tech company. Two decades ago, Microsoft was the target; two decades before that, IBM.

Dion Rabouin, author of Markets
49 mins ago - Economy & Business

Why the stimulus delay isn't a crisis (yet)

Illustration: Aïda Amer/Axios

If the impasse between House Speaker Nancy Pelosi and the White House on a new stimulus deal is supposed to be a crisis, you wouldn't know it from the stock market, where prices continue to rise.

  • That's been in no small part because U.S. economic data has held up remarkably well in recent months thanks to the $2 trillion CARES Act and Americans' unusual ability to save during the crisis.
59 mins ago - World

Israel's secret embassy in Bahrain

Illustration: Annelise Capossela/Axios

This story is from Barak Ravid's new weekly newsletter, Axios from Tel Aviv, which launches today. Sign up here.

Israel has been conducting undercover diplomacy in Bahrain for more than a decade through a front company listed as a commercial consulting firm.

Why it matters: The existence of the covert diplomatic mission in the Bahraini capital Manama shows the depth of a secret relationship that came out into the open with a White House ceremony last month.