Hackers Claim 10 Petabytes Stolen From China's National Supercomputing Center

Q: What Was Allegedly Stolen

To put the scale in perspective: 10 petabytes is roughly 10,000 terabytes or about 10 million gigabytes. For comparison, the entire Library of Congress is estimated at approximately 15 petabytes. This is an almost unfathomable volume of data to exfiltrate from a single facility. According to the claims, the stolen data includes: Missile schematics: Detailed designs for weapons systems, including evidence of HIMARS-like rocket artillery copies Aerospace simulations: Years of computational modeling for aircraft and space vehicles Defense research documents: Classified papers and reports from China's military research apparatus Weapons testing data: Results from simulated and real-world weapons evaluations

By Jaspal April 9, 2026 Updated: April 9, 2026

In what could be one of the largest data breaches in history, a hacker group claiming the name FlamingChina says it has stolen more than 10 petabytes of data from China's National Supercomputing Center (NSCC) in Tianjin. The alleged haul includes classified defense documents, missile schematics, aerospace simulations, and years of military research data.

What Was Allegedly Stolen

To put the scale in perspective: 10 petabytes is roughly 10,000 terabytes or about 10 million gigabytes. For comparison, the entire Library of Congress is estimated at approximately 15 petabytes. This is an almost unfathomable volume of data to exfiltrate from a single facility.

According to the claims, the stolen data includes:

Missile schematics: Detailed designs for weapons systems, including evidence of HIMARS-like rocket artillery copies
Aerospace simulations: Years of computational modeling for aircraft and space vehicles
Defense research documents: Classified papers and reports from China's military research apparatus
Weapons testing data: Results from simulated and real-world weapons evaluations

How It Allegedly Happened

The attacker claims to have gained initial access through a compromised VPN domain — a surprisingly common attack vector that has been behind some of the most devastating breaches in recent years. Once inside, the extraction reportedly took approximately six months, suggesting the attacker maintained persistent, undetected access to one of China's most important computational facilities.

The NSCC in Tianjin is a centralized hub providing infrastructure services to approximately 6,000 clients across China, including science and defense agencies. This makes it both a high-value target and a single point of failure for a vast amount of sensitive data.

The FlamingChina Connection

The group posted a sample of the alleged dataset on an anonymous Telegram channel in early February. The full dataset is reportedly being offered for sale, though details about the asking price and potential buyers remain unclear.

The story gained mainstream traction after CNN reported on it on April 8, confirming that a hacker is attempting to sell the trove of stolen data. However, independent verification remains difficult given the size of the dataset and the sensitivity of the material.

China's Response

Despite the extraordinary scale of the allegations, Chinese authorities and the Tianjin supercomputing center have not issued any public confirmation or denial of the incident. This silence is typical of how China handles cybersecurity incidents, but it leaves the actual scope and impact of the breach unclear.

Why This Matters

If verified, this breach would represent a catastrophic intelligence failure for China's defense establishment. The growing reliance on AI and supercomputing for military research means that centralized facilities like the NSCC hold increasingly valuable data.

The VPN vulnerability angle is particularly concerning for organizations worldwide. Despite billions spent on cybersecurity, VPN compromises continue to be a leading attack vector for state-level breaches. The enterprise security landscape continues to evolve, but basic infrastructure vulnerabilities remain the weakest link.

Frequently Asked Questions

What is the China supercomputer hack?

A hacker group called FlamingChina claims to have breached China's National Supercomputing Center in Tianjin and stolen 10 petabytes of classified military data including missile schematics, aerospace simulations, and defense research documents.

How much data is 10 petabytes?

10 petabytes equals approximately 10,000 terabytes or 10 million gigabytes. For reference, the entire Library of Congress is estimated at about 15 petabytes. It is one of the largest alleged data thefts in history.

How did the hackers get in?

The attackers reportedly gained access through a compromised VPN domain. The data extraction took approximately six months, suggesting persistent undetected access to the facility.

Has China confirmed the breach?

No. Chinese authorities and the Tianjin supercomputing center have not issued any public confirmation or denial. Independent verification remains difficult given the sensitivity of the material.