The comments from Clapper, the director of National Intelligence (DNI), were first reported in The Wall Street Journal and marked the first time the Obama administration has publicly accused Beijing of the hacking attacks on the Office of Personnel Management.
"You have to kind of salute the Chinese for what they did," given the difficulty of the intrusion, the Journal quoted Clapper as saying at a Washington intelligence conference.
In a statement, Clapper's office confirmed that he had identified China as a leading suspect, although it said the U.S. government investigation was ongoing.
U.S. officials have previously blamed the attacks on Chinese hackers, though not publicly. White House spokesman Josh Earnest on Thursday declined to comment on any potential suspects.
OPM Director Katherine Archuleta told the Senate Homeland Security Committee on Thursday that personnel data of 4.2 million current and former federal employees was compromised in one security breach and that another attack, targeting those applying for security clearances, had affected millions more.
Some media have reported that as many as 18 million Americans could have been affected.
Clapper's comments came a day after the conclusion of three days of high-level talks between China and the United States in Washington at which cyber-security figured prominently.
U.S. Secretary of State John Kerry said on Wednesday there had been no U.S. "finger-pointing" during those meetings about cybertheft "and whether or not it was actioned by government, or whether it was hackers, or individuals the government has the ability to prosecute."
Kerry also said, however, the U.S. side had made "crystal clear" that cybertheft was not acceptable. He said the United States believed there was a need to work with China to develop a "code of conduct" on state behaviour in cyberspace and that China had agreed.
"It's something that we agreed needs to be addressed and hopefully it can be addressed soon," State Department spokesman John Kirby said on Thursday.
White House spokesman Earnest cautioned against guessing at what response the United States might take against those responsible for the attacks. "If there is a response, it's probably not one we are likely to telegraph in advance," he said.
The Journal cited Clapper as saying the U.S. government and American companies would continue to be targets until policymakers addressed the "lack of deterrents."
Clapper said the absence of a U.S. threat to respond to hacking attacks meant Washington had to put its focus instead on defence, the newspaper reported.
China has dismissed as "irresponsible and unscientific" any suggestion that it was behind the hacking. China's top diplomat, State Councillor Yang Jiechi, said after Wednesday's talks that the two countries should work together on cyber-security.
© Thomson Reuters 2015