WASHINGTON—The Federal Bureau of Investigation performed potentially millions of searches of American electronic data last year without a warrant, U.S. intelligence officials said Friday, a revelation likely to stoke longstanding concerns in Congress about government surveillance and privacy.

An annual report published Friday by the Office of the Director of National Intelligence disclosed that the FBI conducted as many as 3.4 million searches of U.S. data that had been previously collected by the National Security Agency.

Senior Biden administration officials said the actual number of searches is likely far lower, citing complexities in counting and sorting foreign data from U.S. data. It couldn’t be learned from the report how many Americans’ data was examined by the FBI under the program, though officials said it was also almost certainly a much smaller number.

The report doesn’t allege the FBI was routinely searching American data improperly or illegally.

The disclosure of the searches marks the first time a U.S. intelligence agency has published an accounting, however imprecise, of the FBI’s grabs of American data through a section of the Foreign Intelligence Surveillance Act, the 1978 law that governs some foreign intelligence gathering. The section of FISA that authorizes the FBI’s activity, known as Section 702, is due to expire next year.

While the ODNI report doesn’t suggest systemic problems with the searches, judges have previously reprimanded the bureau for failing to comply with privacy rules. Officials said the FBI’s searches were vital to its mission to protect the U.S. from national-security threats. The frequency of other forms of national-security surveillance detailed in the annual report generally fell year over year, in some cases continuing a multiyear trend.

The 3.4 million figure “is certainly a large number,” a senior FBI official said in a press briefing Friday on the report. “I am not going to pretend that it isn’t.”

More than half of the reported searches—nearly two million—were related to an investigation into a national-security threat involving attempts by alleged Russian hackers to break into critical infrastructure in the U.S. Those searches included efforts to identify and protect potential victims of the alleged Russian campaign, senior U.S. officials said.

Officials declined to give more details on the alleged Russian threat, including whether it was linked to the Russian government or a criminal hacking group. Russia has historically denied accusations of hacking the U.S. or other nations.

The number of searches of American data doesn’t correspond to the number of Americans who may have had their personal information examined.

An individual’s name, telephone number, email addresses and social security number can all be searched, sometimes repeatedly, and each instance of each term would count as a search. Searches of U.S. information can pertain to data about U.S. citizens, lawful permanent residents and U.S. companies. And searches can yield a mix of metadata and content of collected communications.

One source of the discrepancy between the 3.4 million figure and the potentially much lower quantity of searches of Americans’ data: Sometimes FBI analysts perform large searches of hundreds or thousands of terms, and if just one term in the batch is associated with an American or U.S. entity, all the terms would be counted as a potential search of U.S. data, officials said.

The FBI conducted approximately 3.39 million searches using the identity of a presumed U.S. person from Dec. 1, 2020, to Nov. 30, 2021, according to the report. The number of searches for the previous 12-month period was about 1.3 million.

The searches described by Friday’s ODNI report concern a large repository of electronic data collected by the NSA under Section 702 of FISA.

Section 702 was passed into law in the years following the Sept. 11, 2001, terrorist attacks to enable the U.S. to spy on non-Americans overseas. The NSA uses the Section 702 program to collect intelligence from international phone calls and emails about terrorism suspects, cyber threats and other security risks.

Data on Americans is often vacuumed up as well, for example when a foreign spy is communicating with someone in the U.S. or when two overseas targets are talking about an American.

Some congressional lawmakers have asked the FBI to disclose how often it taps into that data to look at U.S. information, arguing that doing so amounts to a backdoor search on Americans that dispenses with requirements to obtain a warrant. U.S. intelligence officials have broadly defended Section 702 as among the most valuable national-security tools at their disposal.

Congress last renewed Section 702 in 2018, and then-President Donald Trump signed the renewal into law after openly questioning the measure over unsubstantiated concerns that it was used to spy on his presidential campaign. It is set to expire again at the end of next year, and current and former intelligence officials have said they anticipate a bruising political battle.

“For anyone outside the U.S. government, the astronomical number of FBI searches of Americans’ communications is either highly alarming or entirely meaningless,” Sen. Ron Wyden (D., Ore.), a privacy advocate, said. “Somewhere in all that over-counting are real numbers of FBI searches, for content and for noncontent—numbers that Congress and the American people need before Section 702 is reauthorized.”

The FBI has previously faced scrutiny for its oversight of how authorities plumb Section 702 data, including a rebuke from the Foreign Intelligence Surveillance Court in 2018 that found some searches violated the constitutional privacy rights of Americans.

In response, the FBI has imposed new safeguards meant to better ensure compliance. Those include a requirement that all searches involving 100 or more query terms get additional approvals and that analysts actively opt in to search Section 702 data, rather than passively allowing it.

Friday’s report also revealed four instances last year in which the FBI, due to specific factual considerations about a search of data, should have sought approval from the Foreign Intelligence Surveillance Court before performing a search and looking at the content of U.S. communications that were produced.

The FBI has never sought approval from the court since the requirement was adopted in 2018, officials said.

Write to Dustin Volz at dustin.volz@wsj.com