According to CNN, a hacker claims to have extracted an enormous cache of sensitive information from a Chinese state-run supercomputer—from highly classified defense documents to missile schematics. If the claim is verified, it could amount to the largest known data breach in China’s history.
CNN reports that the trove, allegedly taken from the National Supercomputing Center in Tianjin, exceeds 10 petabytes. The center is regarded as one of the country’s key infrastructure hubs and serves more than 6,000 clients, including scientific institutions and defense bodies.
Cybersecurity experts interviewed by CNN, who reviewed the published samples and spoke with the alleged hacker, say access to the system appears to have been obtained with relative ease. In their assessment, the attacker was able to siphon off vast amounts of data over several months without detection.
On February 6, an account calling itself FlamingChina posted a sample of the alleged leak on an anonymous Telegram channel. The message claimed the trove included research across a wide range of fields—from aerospace engineering and military development to bioinformatics and fusion simulation. The group also said the materials were linked to several leading organizations, including the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology.
CNN said it had sent inquiries to China’s Ministry of Science and Technology and the Cyberspace Administration of China, but received no response. The network also stressed that it could not independently verify the origin of the data or FlamingChina’s claims. Even so, several experts who reviewed the materials found the leak credible.
Among the published samples, CNN reports, are documents marked “secret” in Chinese, along with technical files, animations, and visualizations of defense systems, including bombs and missiles. Dakota Cary, a consultant at SentinelOne who reviewed the samples, said what he saw was consistent with what one would expect from a supercomputing center handling complex computational tasks for a broad range of clients.
Opened in 2009, the Tianjin center was China’s first facility of its kind and is part of a broader network of similar hubs in other major cities. According to researcher Mark Hofer, a dataset of such scale would be of particular interest above all to state intelligence agencies, since they are the ones with the resources required to process it.
Hofer told CNN that he had contacted, via Telegram, a person claiming to have organized the breach. According to that account, the initial access was obtained through a compromised VPN domain. The attacker then allegedly deployed a botnet that made it possible to penetrate the center’s system, extract the data, and store it. The transfer of 10 petabytes, it is claimed, took about six months. CNN separately stressed that it was unable to independently verify this version of events.
In Cary’s assessment, the decisive factor was not so much technical sophistication as the architecture of the attack itself. By distributing the data transfer across numerous servers, the attacker reduced the chances of detection: small streams sent to different destinations are harder to spot than a single large exfiltration channel. Even so, he said, the method itself does not appear especially unique.
If the leak is confirmed, CNN writes, it would become further evidence of deeper problems in China’s technological infrastructure—especially against the backdrop of intensifying rivalry between Beijing and Washington in technology and artificial intelligence. Cary noted that cybersecurity weaknesses have long been a feature of both China’s state sector and its private economy.
The CNN report also recalls that in 2021, a major database containing personal information on up to 1 billion Chinese citizens was left exposed online for more than a year, until an anonymous user tried to sell it on a hacking forum in 2022. China’s authorities have themselves acknowledged the problem: the country’s 2025 National Security White Paper lists among its priorities the creation of robust safeguards for networks, data, and the AI sector, as well as the development of cybersecurity tools and platforms to protect critical information infrastructure.