The Office of Personnel Management announced Wednesday that 5.6 million sets of fingerprints were taken in the data breach which impacted 21.5 million government workers. Previously, OPM had said the number of sets of fingerprints taken was 1.1 million.

Press Secretary Samuel Schumach issued a statement Wednesday saying OPM has “been analyzing impacted data to verify its quality and completeness.” He adds, “During that process, OPM and DoD identified archived records containing additional fingerprint data not previously analyzed.” OPM’s statement does not explain in any detail why its earlier estimate of the number of fingerprint sets taken by hackers was off by 4.5 million.

According to OPM the potential for misuse of fingerprints is “limited.” However, since fingerprints do not change over time and technology does, OPM allows that “this probability could change over time.” The FBI, DHS and DOD are said to be working on ways to prevent future misuse of the hacked fingerprints. In the meantime, OPM is offering credit monitoring service to all those impacted by the hack.

One biometrics expert believes the hack of fingerprints is a potential disaster for U.S. spies. “A secret agent’s name might be different. But they’ll know who you are because your fingerprint is there. You’ll be outed immediately,” Ramesh Kesanupalli told CNN.

Multiple news reports have indicated the hack of OPM originated in China. President Obama has indicated China could face repercussions for its theft of personal information and the ongoing hacks of proprietary information belonging to private U.S. companies. Last week Obama told a business gathering, “We are preparing a number of measures that will indicate to the Chinese that this is not just a matter of us being mildly upset but something that will put significant strains on the bilateral relationship if not resolved.”

So far, the President has not outlined what those measures might be.