Cybercriminals acting on their own were to blame for the major data breach at the Office of Personnel Management (OPM) in the US earlier this year, China’s Xinhua News Agency has reported.

The incident, which affected over 21.5 million people, was originally thought to have been the result of a state-sponsored attack.

However, according to the influential Chinese news outlet, an investigation into the matter has concluded otherwise. Suspects have also been arrested.

The US has yet to confirm whether it agrees with this outcome, nor has it commented on whether it was involved in the inquiry.

Data that was stolen from the OPM included social security numbers; residency and educational history; employment history; and criminal and financial history. It was later revealed that fingerprints had also be taken.

News of this was supposedly disclosed during the first “high-level joint dialogue on cybercrime” between the two countries.

This development is seen as something of a watershed moment, as the US has been particularly wary of China’s covert cyber activities.

The focus of the talks, which were held at the Department of Justice in Washington, DC, was on discussing ways in which both sides can better work together on this ever-growing threat.

“Both sides decided to further develop case cooperation on combatting cyber-enabled crimes, including child exploitation, theft of trade secrets, fraud and misuse of technology and communications for terrorist activities, and to enhance exchanges on network protection,” the Department of Justice stated in an official press release.

“Both sides decided to improve cooperation among the relevant agencies, within the framework of the high-level dialogue, on network protection issues.”

The meeting was co-chaired by US attorney general Loretta E. Lynch, department of homeland security secretary Jeh Johnson and China’s state councilor and minister of public security Guo Shengk.