Some current and former federal government employees are taking a look at their credit activity after the Justice Department said this week that data stolen by suspected Chinese hackers in 2014 cyberattacks at the Office of Personnel Management may have been used to commit identity fraud.

Federal prosecutors on Monday said a Maryland couple had pleaded guilty to using information stolen in the OPM breach to set up fraudulent car-loan applications with a Newport News, Va., credit union.

Disclosure of the car-loan scheme, which took place in 2015 and 2016, has prompted new worries of potential identity theft for the more than 21 million current and former federal employees and contractors affected by the breach, which exposed Social Security numbers, addresses and other sensitive information, in addition to 5.6 million fingerprints.

The Maryland scheme also confused cybersecurity investigators who, along with the U.S. government, had concluded the Chinese government was behind the breach, motivated by the espionage value of the database and not by financial gain.

A spokesman for the U.S. attorney in the Eastern District of Virginia, where the case is being prosecuted, declined to elaborate on how those charged in the case might have obtained the OPM files. In a statement Thursday, the spokesman said numerous victims of the fraud scheme had “self-identified” as OPM breach victims and that the government was investigating how the crimes were carried out.