China Potentially Hit by Largest Data Breach in History Following Supercomputer Cyberattack
China may have experienced its most significant data breach ever after a cyberattack targeted one of the nation's supercomputers. According to a CNN report, a hacker allegedly accessed and stole more than 10 petabytes of highly sensitive data from a state-run system. This stolen information reportedly includes classified defense documents, missile schematics, and critical research files, posing a severe threat to national security.
Details of the Alleged Data Theft from National Supercomputing Centre
The dataset is believed to have been extracted from the National Supercomputing Centre (NSCC) in Tianjin, a facility that provides essential infrastructure services to over 6,000 clients. These clients encompass scientific institutions and defense-related organizations, making the breach particularly alarming. On February 6, an account named FlamingChina shared samples of the alleged data on Telegram, claiming it contains research across diverse fields such as aerospace engineering, military research, bioinformatics, and fusion simulation.
Cybersecurity experts who reviewed portions of the data confirmed it appears consistent with material typically handled by such high-security facilities. Some files were marked "secret" in Chinese and included technical documents, simulations, and renderings of defense equipment. Dakota Cary, a consultant at cybersecurity firm SentinelOne, told CNN, "They're exactly what I would expect to see from the supercomputing center. You would use supercomputer centers for large computational tasks. The swath of samples that the sellers put out kind of really speaks to the breadth of customers that this supercomputing center had."
However, CNN noted it could not independently verify the dataset's authenticity or the group's claims. Despite this, multiple experts indicated the leak could be genuine, given the nature of the samples. The group is reportedly offering limited previews for thousands of dollars, with full access priced at hundreds of thousands of dollars, payable in cryptocurrency, highlighting the potential value of the stolen information.
How the Hacker Allegedly Breached the Chinese Supercomputer System
According to Marc Hofer, a cybersecurity researcher who reviewed the samples, the attacker claimed to have gained access through a compromised VPN domain. Once inside, the hacker allegedly deployed a "botnet" to extract and distribute the data across multiple systems over several months. This method allowed for a stealthy operation that may have avoided detection by security protocols.
Cary explained that the breach relied more on exploiting system architecture than using advanced techniques. "You can think of it as having a bunch of different servers that you have access to and you're pulling data through this hole in the security of the NSCC — pulling some down to one server, some down to the next," he said. By spreading the extraction process, the attacker minimized the risk of triggering alarms, making it a calculated and prolonged effort.
Implications for Cybersecurity and National Security
Experts warn that the scale of this alleged breach could make the data extremely valuable for intelligence purposes, particularly for state-backed actors. Hofer noted, "Only they probably have the capacity to work through all this data and come back with something useful," referring to the potential for foreign governments or entities to exploit the information. The Tianjin facility is one of several supercomputing centers in China, including hubs in Guangzhou, Shenzhen, and Chengdu, which support large-scale computational work for government, academic, and industrial users.
This incident raises serious concerns about cybersecurity practices in China. Previous cases, such as a 2021 database leak that exposed personal information of up to one billion Chinese citizens, have highlighted persistent gaps. Cary added, "They've really had poor cybersecurity for a very long time across a wide number of industries and organizations. If you look at what Chinese policymakers say themselves, cybersecurity in China has not been good. They would say it's still improving at this point in time."
China has acknowledged these challenges in official documents. In its 2025 National Security White Paper, the government emphasized building "robust security barriers for the network, data, and AI sectors" as a priority, while continuing efforts to strengthen cybersecurity mechanisms and protect key infrastructure. This breach underscores the urgent need for enhanced security measures to prevent future incidents of this magnitude.
