In a significant breach of cybersecurity, a hacker has reportedly stolen a massive volume of sensitive data from one of China’s state-owned supercomputers. Although the specific supercomputer compromised remains unnamed, a report from CNN suggests that the stolen dataset surpasses 10 petabytes, potentially marking it as the largest data breach in China’s history. The affected supercomputer is believed to be located at the National Supercomputing Center (NSCC) in Tianjin, which is home to several powerful computing systems.
The NSCC serves over 6,000 clients across China, including numerous state agencies such as the Commercial Aircraft Corporation of China—responsible for the Comac C919 passenger jet—the National University of Defence Technology, and the Aviation Industry Corporation of China. The extensive trove of data accessed by the hacker allegedly includes classified defense documents, rocket designs, and research related to aerospace engineering, bioinformatics, and fusion simulations.
The breach was first detected in early February 2026 when an anonymous user known as “FlamingChina” uploaded a sample of the stolen data to a Telegram channel. Cybersecurity researchers quickly began to investigate, confirming the authenticity of the data. Reports indicate that the hackers offered a limited preview of the data for several thousand dollars and promised unrestricted access for several hundred thousand dollars in cryptocurrency.
How did the hackers achieve this?
While a detailed technical breakdown of the breach is beyond the scope of this article, cybersecurity expert Marc Hofer has stated that the breach largely occurred through a compromised VPN domain. He reported communicating directly with the individual allegedly behind the hack via Telegram.
Hofer explained that once the hacker gained access to the supercomputer, a botnet—essentially a network of automated programs—was deployed to extract, download, and store data from the supercomputer discreetly. This botnet was designed to operate unnoticed, avoiding triggering alarms within China’s cybersecurity framework. Consequently, the alleged hackers reportedly took more than six months to siphon off the claimed 10 petabytes of data.
This incident raises pressing questions about the integrity of China’s technological infrastructure. While the country has previously downplayed such data breaches, this latest occurrence is one of many cybersecurity incidents. The sensitivity and sheer scale of the leaked data make this breach particularly concerning from a national security perspective. It remains to be seen whether this incident will lead to heightened scrutiny and reform of China’s cybersecurity policies.
