- Hacker obtained over 10 petabytes of data from China's National Supercomputing Center in Tianjin
- Leaked data includes classified defense documents and missile schematics, raising security concerns
- Data breach occurred over months via compromised VPN and automated extraction methods
A hacker has reportedly obtained an enormous cache of highly sensitive data from a state-run Chinese supercomputing facility, in what could be one of the most significant data breaches the country has ever faced, CNN reported. The alleged leak includes more than 10 petabytes of information, ranging from classified defense documents to detailed missile schematics, raising serious concerns about national security and cybersecurity resilience.
To put the scale in perspective: One petabyte equals 1,000 terabytes, and a high-specification laptop typically holds around one terabyte.
Experts believe the data may have been extracted from the National Supercomputing Center in Tianjin (NSCC), a key facility that provides computing infrastructure to over 6,000 clients across China. These include institutions involved in advanced scientific research as well as defense-related work. Established in 2009 as China's first supercomputing hub, the Tianjin center is part of a broader network of similar facilities located in major cities such as Guangzhou, Shenzhen, and Chengdu.
Cybersecurity researchers who have examined portions of the leaked material and communicated with the alleged hacker suggest that the breach may have occurred over several months without detection. The attacker, operating under the name “FlamingChina,” shared samples of the purported dataset on an anonymous Telegram channel in early February.
According to the claims, the data spans multiple fields, including aerospace engineering, military research, bioinformatics, and fusion simulation. It is also said to be linked to prominent organisations such as the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology.
While the full dataset is reportedly being offered for sale at a high price, potentially hundreds of thousands of dollars, smaller previews have allegedly been made available for thousands, with transactions requested in cryptocurrency. Independent verification of these claims, though, remains challenging.
However, several experts who reviewed the sample data noted the presence of documents labelled "secret" in Chinese, alongside technical files, simulations, and renderings of military equipment.
"They're exactly what I would expect to see from the supercomputing center. You would use supercomputer centers for large computational tasks. The swath of samples that the sellers put out kind of really speaks to the breadth of customers that this supercomputing center had," said Dakota Cary, a consultant at cybersecurity firm SentinelOne.
How did the breach happen?
Preliminary analysis suggests that the breach may not have relied on highly sophisticated techniques but instead exploited weaknesses in system architecture. The attacker claimed to have gained access through a compromised VPN domain and used automated tools to systematically extract data over a six-month period.
The attacker minimised detection risk by distributing extraction across multiple systems, making it harder to spot small data transfers. "Somebody on the defensive side is less likely to notice small amounts of data leaving the system," Cary explained. He noted this method, though effective, isn't especially innovative.
If confirmed, the incident could expose deeper structural vulnerabilities in China's digital infrastructure, particularly at a time when the country is striving to strengthen its position in advanced technology and artificial intelligence.
