Hacker alleges 10+ petabyte haul from China’s Tianjin supercomputer, including classified missile schematics

April 8, 2026
aisecurityhardwareeducation
Person holding anonymous mask near servers, hinting at cybersecurity and hacking themes.
Photo by panumas nikhomkhai on Pexels

The claim

It has been reported that a hacker — using the handle FlamingChina — allegedly stole more than 10 petabytes of data from the National Supercomputing Center (NSCC) in Tianjin, and posted samples online. The trove is said to include highly sensitive material: documents marked “secret” in Chinese, animated simulations, renderings of bombs and missiles, and other defense-related files. CNN has reached out to China’s Ministry of Science and Technology and the Cyberspace Administration of China for comment; no official public response has been reported.

What the samples suggest

Cybersecurity experts who reviewed the samples told CNN they appeared genuine and consistent with what you’d expect from a large supercomputing hub that serves thousands of clients, from aerospace firms to defense research institutes. It has been reported that the seller offered a limited preview for thousands of dollars and full access for hundreds of thousands, demanding cryptocurrency — a familiar playbook in today’s dark data markets. If the authenticity holds up, the scale and scope would make this one of the largest alleged data losses tied to Chinese infrastructure.

Why it matters

Why should anyone care about 10 petabytes? Because that’s not a few leaked spreadsheets — it’s an ocean of intelligence. Supercomputing centers handle massive simulations and sensitive research that individual labs rarely host themselves. Experts told CNN that only well-resourced state actors might be able to extract actionable value from such an enormous collection, but even the preview files include material that looks directly relevant to national security and aerospace programs.

Next steps and the broader context

Allegations like this raise familiar questions: was this a clever breach or an internal misconfiguration? How long did it go undetected? And who ultimately benefits? The story feeds into a larger trend of large-scale data thefts and growing concerns about how critical research infrastructure is defended. For now, the claims remain unverified beyond expert assessments of samples — but if true, the fallout could be messy, costly, and long-lasting. Who will sift through a 10-petabyte haystack? Answering that may take years.

Sources: cnn.com