China's supercomputing centre may have suffered major data breach: Report

The data has reportedly been stolen from the National Supercomputing Centre in Tianjin (NSCC), a major computing hub that supports more than 6,000 users

An alleged cyberattack on a state-run Chinese supercomputing facility may have led to the theft of an enormous volume of sensitive data, potentially making it one of the country’s largest known breaches, according to a CNN report. The incident is believed to involve over 10 petabytes (PB) of information, triggering fresh concerns about national security and cyber defences.

 

The data was reportedly stolen from the National Supercomputing Centre in Tianjin (NSCC), a major computing hub that supports more than 6,000 users, including institutions engaged in advanced scientific and defence-related work.

 

The scale of the breach is significant as one petabyte equals 1,000 terabytes, roughly the storage capacity of about 1,000 high-end laptops.

 

According to CNN, experts who examined parts of the leaked material and spoke with the hacker suggested the system may have been compromised without much difficulty. The attacker allegedly remained undetected for months while extracting large volumes of data, raising questions about the robustness of monitoring systems.

 

The breach first surfaced when an account named ‘FlamingChina’ shared sample files on an anonymous Telegram channel in early February. The samples were described as covering a wide range of research areas, including aerospace, military technologies, bioinformatics and fusion simulations. The data is also believed to be connected to key organisations such as the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defence Technology.

 

Some of the sample material reportedly includes files marked “secret” in Chinese, along with technical documents, animated simulations and visual representations of defence systems such as bombs and missiles. A cybersecurity researcher cited by CNN noted that the dataset's sheer size makes it particularly valuable to state-backed intelligence agencies, which are better equipped to process such large volumes of information.

 

According to the report, full dataset is being offered for sale at a steep price, possibly hundreds of thousands of dollars, while smaller portions have allegedly been sold for lower amounts via cryptocurrency transactions. However these claims still have not been confirmed.

 

How did the hacker gain access?

 

Preliminary findings indicate the attacker may have accessed the system through a compromised VPN domain associated with the Tianjin facility. After gaining entry, a botnet, comprising multiple automated systems, was used to systematically extract and store data.

 

The data breach operation is believed to have taken nearly six months, with data being siphoned off simultaneously across multiple channels to avoid detection. This approach appears to have reduced the likelihood of triggering security alerts.

 

The breach, therefore, may not have relied on highly advanced hacking tools but instead capitalised on weaknesses in system design and infrastructure, pointing to underlying vulnerabilities.

 

Wider implications for China’s cyber defences

 

If verified, the incident could highlight weaknesses in China’s technology infrastructure at a time when it is competing with the United States for leadership in advanced computing and artificial intelligence (AI).

 

It also mirrors earlier lapses. In 2021, a database reportedly containing personal details of up to one billion Chinese citizens was left exposed online for over a year before being flagged in 2022 when it was offered for sale on a hacking forum.

 

Experts say such cases underline ongoing gaps. A consultant at cybersecurity firm SentinelOne, quoted by CNN, noted that even Chinese authorities acknowledge cybersecurity remains a work in progress, with systems still evolving to address emerging threats.