A massive trove of data, reportedly exceeding 10 petabytes, has allegedly been stolen from a state-run Chinese supercomputer, according to recent reports. The compromised system, believed to be located at Tianjin's National Supercomputing Center (NSCC), is a critical hub for infrastructure services used by thousands of clients across China. The stolen dataset is said to contain highly sensitive information, including classified defense documents, missile schematics, technical files, and animated simulations of defense technology. Research data from fields such as aerospace engineering, bioinformatics, and fusion simulation are also reported to be among the exfiltrated files.
The breach allegedly came to light on February 6th when a sample of the dataset was posted on Telegram by a user identified as FlamingChina. Cybersecurity researcher Marc Hofer reviewed the data and subsequently contacted an individual who claimed responsibility for the attack. According to this alleged attacker, initial unauthorized access was gained through a compromised VPN domain. Following this, a botnet was deployed to systematically extract, download, and store the vast quantity of data. The entire exfiltration process is estimated to have taken approximately six months to complete.
The alleged perpetrator is reportedly offering limited previews of the stolen dataset for thousands of dollars, with full access being priced in the hundreds of thousands of dollars. All payments are being requested in cryptocurrency, a common method for illicit transactions in the cybercrime world. If the claims of the breach are verified, the leaked information could have significant implications, potentially impacting entities such as the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology.
This incident highlights the ongoing and escalating threats to critical national infrastructure and sensitive research data. The sheer volume of data stolen, coupled with its classified nature, underscores the sophistication and reach of state-sponsored or highly organized cybercriminal groups. Investigations into the full extent of the breach and the identity of the attackers are likely ongoing, with significant geopolitical and national security ramifications anticipated.