"Virulent" organised fraud in the tax credit system is the result of illicit access to government payroll records, the UK's Revenue chief has said.
Job Centre staff have been among the victims of the fraud
HM Revenue & Customs executive director David Varney told MPs as many as 13,000 civil servants' personal information had been stolen.
He was appearing before the House of Commons Public Accounts Committee.
HMRC was forced to close the tax credit system's online portal on 1 December following abuse by organised crime.
The credits are intended to supplement the income of families and those on low incomes.
But as the BBC News website reported in October, organised gangs saw the system as "low-hanging fruit" - a low-risk, high-reward form of volume fraud.
Criminals made multiple online applications using false and stolen identities, and took advantage of limited checking of online applications.
But they also used the identities of Department of Work and Pensions civil servants - extracted, BBC News understands, from payroll records from the 2003-4 financial year.
It remains unclear how the data were leaked, although fraud specialists believe abuse by insiders - rather than external electronic hacking - is the most likely scenario.
Mr Varney acknowledged the data leak to MPs, describing the extent of the assault as "really virulent".
"The number, to the best of our knowledge, is 13,000 because a particular list was stolen or passed over," he said.
When asked whether there might be other lists in the wrong hands, he answered: "Yes."
The losses identified to date amount to £15m, Mr Varney said, although many experts believe that accounts only for positively investigated cases - and Mr Varney acknowledged that HMRC was "still at a very early stage of knowing what the extent of this fraud is".