Beijing/Tianjin – April 2026: A hacker has allegedly breached a major Chinese supercomputing facility and is attempting to sell what could be one of the largest troves of stolen data in history, raising serious concerns about cybersecurity vulnerabilities in critical infrastructure.
According to cybersecurity experts, the breach is believed to involve the National Supercomputing Center (NSCC) in Tianjin, a state-run facility that supports thousands of clients, including scientific institutions, industrial firms, and defense-related organizations.
The hacker, operating under the name “FlamingChina,” claims to have extracted more than 10 petabytes of data — an enormous volume equivalent to millions of gigabytes — over a period of several months without detection.
Highly Sensitive Data Allegedly Exposed
Samples of the dataset, shared on an anonymous Telegram channel in early February, suggest the information spans multiple high-level research domains. These reportedly include aerospace engineering, military research, bioinformatics, and nuclear fusion simulations.
Cybersecurity analysts who reviewed portions of the data say it appears to include documents marked “secret” in Chinese, along with technical files, simulations, and renderings of advanced defense systems such as missiles and bombs.
The hacker has also claimed that the data is linked to major Chinese institutions, including:
- Aviation Industry Corporation of China
- Commercial Aircraft Corporation of China
- National University of Defense Technology
While these claims have not been independently verified, experts say the nature of the samples aligns with the type of work typically processed at large-scale supercomputing centers.
How the Breach May Have Happened
According to researchers who communicated with the alleged attacker, access to the system was gained through a compromised VPN domain, allowing entry into the network.
Once inside, the hacker reportedly deployed a botnet, a network of automated programs, to extract data gradually across multiple servers. This distributed approach enabled the attacker to siphon vast amounts of information over approximately six months while avoiding detection.
Experts note that the technique relied less on advanced hacking tools and more on exploiting structural weaknesses in the system’s architecture. By spreading data transfers across different nodes, the attacker minimized the risk of triggering security alerts.
Scale and Intelligence Value
The sheer size of the alleged dataset makes it particularly significant. One petabyte equals 1,000 terabytes, meaning the total volume of stolen data could exceed the storage capacity of thousands of high-end computers combined.
Cybersecurity analysts warn that such a dataset would be of immense value to state intelligence agencies, which possess the resources to analyze and extract strategic insights from large volumes of information.
Given the potential inclusion of defense-related research and advanced technological data, the breach could have far-reaching implications for national security and global technological competition.
Data for Sale
The hacker is reportedly offering limited previews of the dataset for several thousand dollars, with full access priced at hundreds of thousands of dollars, payable in cryptocurrency.
This method of monetization is consistent with other large-scale cyber incidents, where stolen data is sold on underground markets to governments, corporations, or other malicious actors.
Concerns Over Cybersecurity Weaknesses
If confirmed, the breach would highlight persistent cybersecurity challenges within China’s digital infrastructure. Despite significant investments in technology and artificial intelligence, experts say vulnerabilities remain across both government and private-sector systems.
Previous incidents have underscored similar concerns, including a major leak in 2021 that exposed personal data of up to one billion Chinese citizens after a database was left unsecured.
Chinese authorities have acknowledged the importance of strengthening cybersecurity. In its 2025 National Security White Paper, the government emphasized the need to build “robust security barriers” for networks, data systems, and artificial intelligence infrastructure.
Official Response and Uncertainty
Chinese government agencies, including the Ministry of Science and Technology and the Cyberspace Administration, have not publicly confirmed the breach. Independent verification of the hacker’s claims remains ongoing.
Experts caution that while early assessments suggest the data may be genuine, the full scope, origin, and authenticity of the leak have yet to be conclusively established.
Global Implications
The incident underscores the growing risks associated with centralized data systems and the increasing value of digital assets in geopolitical competition. As nations race to dominate fields such as artificial intelligence and advanced computing, cyberattacks targeting critical infrastructure are becoming more frequent and more consequential.
Whether fully verified or not, the alleged breach serves as a stark reminder of the vulnerabilities inherent in even the most advanced technological systems — and the potentially global consequences when those systems are compromised.
