-
A hacker allegedly hit the National Supercomputing Center of China in Tianjin, moving over 10 petabytes of sensitive data.
-
The stolen sensitive files reportedly include missile schematics, classified defense resources, and research linked to military organizations and top aerospace in China.
-
The bad actor is attempting to peddle with the data on Telegram, charging hundreds of thousands of dollars in crypto for full access.
A hacker, FlamingChina, just pulled off a stunt experts are calling the largest data heist ever recorded in China’s tech infrastructure. The hacker hit the National Supercomputing Center (NSCC) in Tianjin: a significant hub serving more than 6,000 clients, including defense and sophisticated science agencies across the country.
On February 6, the bad actor shared an excerpt of the alleged dataset on an anonymous channel on Telegram, claiming the data had details about aerospace engineering, bioinformatics, military research, fusion simulation, etc.
The group also alleged ties to prominent Chinese organizations including the National University of Defense Technology, the Commercial Aircraft Corporation of China, and the Aviation Industry Corporation of China.
CNN reached out to the Ministry of Science and Technology of China as well as the country’s Cyberspace Administration but received no comment.
Hacker Publicizes and Monetizes Classified Materials and Missile Schematics
Cybersecurity experts who looked into the leaked samples say the data may be genuine. The file reportedly had the Chinese phrase of “secret” stamped on them, alongside animated simulations, technical files, and renderings of defense gadgets including missiles and bombs.
A China-centered consultant, Dakota Cary, at an internet security organization, SentinelOne, looked into the excerpts and said they matched exactly what one would expect from a supercomputing center.
According to Cary, the range of samples the bad actor wants to sell shows how wide the customer base of this supercomputing center is. He added that a majority of customers would have little grounds to startup their personal supercomputing infrastructure independently.
Cybersecurity researcher Marc Hofer, author of the NetAskari blog, noted that the massiveness of the dataset makes it highly alluring to foreign intelligence networks. “It’s only them that can handle such data volume and extract useful materials,” he added. For context, 1 petabyte is equal to 1000 terabytes. A high-spec PC holds about 1 terabyte. The alleged heist sits at ten times that, a thousand times over.
The bad actor wants to sell a limited version of the data inventory for thousands of dollars. For full access, it’s worth hundreds of thousands, payable in virtual currency.
This extortion model, threatening to leak stolen data unless a ransom is paid, is the same tactic used by the MEDUSA ransomware group in their attack on Southwest C.A.R.E. Center, where they demanded payment to prevent the release of sensitive patient information on the dark web.
Bad Actor Stays Hidden For Six Months – Here’s How
Hofer reached out to the alleged bad actor directly through Telegram for inquiries. FlamingChina claimed they infiltrated the NSCC’s system via a compromised VPN domain. They launched a botnet (a system of automated programs) that quietly harvested, downloaded, and saved the data over at least six months.
Cary highlighted that the technique depended less on technical brilliance and more on smart setup. The bad actor distributed the extraction across many servers all at the same time, collecting small volumes of data from each.
“Anyone on the side of defense hardly notices the small data volumes leaving the system compared to when it’s a large volume leaving at once to one destination,” Gary implied. He added that the technique, even though it’s effective, was not new. “How they pulled out the information was nothing particularly incredible,” he said.
Breach Blows Open an Overlooked Weakness in Cyber Defenses of China
The alleged breach, if verified, hints at a deeper and persistent loophole in China’s tech system; one that exists even as the nation competes with the United States in innovation and Artificial Intelligence.
In 2021, a massive database housing personal information of close to one billion Chinese citizens sat unsecured and publicly accessible for over a year before an anonymous hacker brought it up on a forum in 2022.
Cary says the pattern is consistent with what Chinese policymakers themselves have admitted. “They’ve really had inadequate cybersecurity for quite a long time across many organizations and industries,” he told CNN.
China’s own 2025 National Security White Paper acknowledged the gap, listing the strengthening of cybersecurity mechanisms for key information infrastructure as a national priority.
The country is still catching up, and this breach may be the starkest proof yet of how much ground remains to be covered.
