A hacker has allegedly stolen a large trove of delicate data – together with extremely categorized protection paperwork and missile schematics – from a state-run Chinese supercomputer in what may probably represent the most important recognized heist of data from China.
The dataset, which allegedly accommodates greater than 10 petabytes of delicate info, is believed by specialists to have been obtained from the National Supercomputing Center (NSCC) in Tianjin – a centralized hub that gives infrastructure companies for greater than 6,000 shoppers throughout China, together with superior science and protection businesses.
Cyber specialists who’ve spoken to the alleged hacker and reviewed samples of the stolen data they posted on-line say they appeared to acquire entry to the large laptop with comparative ease and had been in a position to siphon out large quantities of data over the course of a number of months with out being detected.
An account calling itself FlamingChina posted a pattern of the alleged dataset on an nameless Telegram channel on February 6, claiming it contained “research across various fields including aerospace engineering, military research, bioinformatics, fusion simulation and more.”
The group alleges the data is linked to “top organizations” together with the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology.
CNN has reached out to China’s Ministry of Science and Technology in addition to the Cyberspace Administration of China for remark.
Cyber safety specialists who’ve reviewed the data say the group is providing a restricted preview of the alleged dataset, for hundreds of {dollars}, with full entry priced at a whole bunch of hundreds of {dollars}. Payment was requested in cryptocurrency.
CNN can’t confirm the origins of the alleged dataset and the claims made by FlamingChina, however spoke with a number of specialists whose preliminary evaluation of the leak indicated it was real.
The alleged pattern data appeared to embody paperwork marked “secret” in Chinese, together with technical information, animated simulations and renderings of protection gear together with bombs and missiles.
“They’re exactly what I would expect to see from the supercomputing center,” mentioned Dakota Cary, a marketing consultant at cybersecurity agency SentinelOne who focuses on China and has reviewed the samples positioned on-line from the alleged hack.
“You would use supercomputer centers for large computational tasks. The swath of samples that the sellers put out kind of really speaks to the breadth of customers that this supercomputing center had,” Cary mentioned.
Most of these clients would have little purpose to keep their very own supercomputing infrastructure independently, he added.
The Tianjin middle — the primary of its variety in China when it opened in 2009 — is one of a number of supercomputing hubs situated in main cities together with Guangzhou, Shenzhen, and Chengdu.
According to Marc Hofer, a cybersecurity researcher and creator of the weblog NetAskari, the scale of the dataset would make it engaging to adversarial state intelligence companies.
“Only they probably have the capacity to work through all this data and come back with something useful.”
To put the size in perspective: one petabyte equals 1,000 terabytes, and a high-spec laptop computer sometimes holds round one terabyte.
“There are leaks from China’s cyber ecosystem that I’m familiar with that have sold very quickly,” Cary advised CNN. “I’m sure that there are plenty of governments globally that are interested in some of the data at the NSCC, but many of those governments that are interested also may already have the data.”
Hofer, who reviewed the pattern of the leak, mentioned he was in a position to contact on Telegram a one who claimed they’d carried out the hack. The attacker claimed to have gained entry to the Tianjin supercomputer by means of a compromised VPN area.
Once inside, the attacker advised Hofer they deployed a “botnet” — a community of automated applications that had been in a position enter the NSCC’s system and then extract, obtain and retailer the data. The extraction of 10 petabytes of data took round six months.
CNN couldn’t independently confirm the account the hacker gave to Hofer.
Cary mentioned the method was much less about technical sophistication and extra about structure.
“You can think of it as having a bunch of different servers that you have access to and you’re pulling data through this hole in the security of the NSCC — pulling some down to one server, some down to the next,” he mentioned.
By distributing the extraction throughout many programs concurrently, the attacker decreased the chance of triggering an alert. Somebody on the defensive aspect is much less possible to discover small quantities of data leaving the system in contrast to massive quantities of data going to one location, Cary mentioned.
Cary added that the strategy, whereas efficient, was not notably distinctive.
“It wasn’t, at least my read on it, anything particularly incredible in the way that they pulled out this information,” he mentioned.
The alleged breach, if real, factors to a probably deeper vulnerability in China’s know-how infrastructure because it vies with the United States to be a world class know-how innovator and AI chief. Cybersecurity has lengthy been a recognized weak point throughout each the federal government and personal sector, in accordance to Cary.
In 2021, a large on-line database apparently containing the non-public info of up to one billion Chinese residents was left unsecured and publicly accessible for greater than a 12 months till an nameless consumer in a hacker discussion board provided to sell the data and introduced it to wider consideration in 2022.
“They’ve really had poor cybersecurity for a very long time across a wide number of industries and organizations,” Cary advised CNN. “If you look at what Chinese policymakers say themselves, cybersecurity in China has not been good. They would say it’s still improving at this point in time.”
China’s personal authorities has acknowledged as a lot.
The nation’s National Security White Paper in 2025 listed constructing “robust security barriers for the network, data, and AI sectors” as a key precedence, including that “China has continued to strengthen the development of coordinated cybersecurity mechanisms, means, and platforms to ensure the security and reliability of key information infrastructure.”
