A significant data breach has been reported in China, where a hacker managed to access a government supercomputer and steal a vast amount of sensitive information. The stolen data includes classified defence documents, missile designs, and research related to fighter jets and advanced war simulations. The estimated size of the stolen data surpasses 10 petabytes, making it one of the largest data breaches from China’s critical infrastructure.
The breach is believed to have occurred at the National Supercomputing Center (NSCC) in Tianjin, a pivotal facility supporting over 6,000 organizations in fields like advanced science, aerospace, and defence research. This center plays a crucial role in some of China’s most sensitive computational activities.
Cybersecurity experts investigating the breach revealed that the hacker gained access easily through a compromised VPN entry point. The hacker then quietly extracted data over several months using a botnet, a network of automated systems, to avoid detection. Although the method used was not highly sophisticated, it allowed the hacker to siphon off data gradually across different systems, spanning around six months.
The stolen data surfaced on Telegram in early February when an account named “FlamingChina” shared samples on an anonymous channel. The leaked information covered various research areas such as aerospace engineering, military technology, bioinformatics, and fusion simulations. Documents marked as “secret” in Chinese, technical files, and renderings of defence systems like bombs and missiles were among the data shared. The breach holds significant intelligence value, particularly for foreign governments or rival agencies.
Following the breach, the hackers reportedly began selling limited previews of the data for thousands of dollars, with full access priced in the hundreds of thousands, payable in cryptocurrency. While the authenticity of these claims remains unverified, experts who examined the data believe it to be legitimate.