A hacker operating under the name “FlamingChina” extracted more than 10 petabytes of classified defense data from the National Supercomputing Center (NSCC) in Tianjin over six months without triggering alerts, exploiting shared node credentials and an absence of internal network segmentation that gave a single compromised entry point access to the facility’s entire client base, according to reporting by CNN and cybersecurity researcher Marc Hofer of NetAskari.

The dataset was first advertised on Breach Forums on February 6 under the alias “airborneshark1” and subsequently reposted to drive bidding.

The National Super Computer Center in Tianjin seemed to have experienced a massive data leak of whooping 10 PetaByte of internal data, inclusive classified data.https://t.co/zrjsMiO3TX pic.twitter.com/aCbVtKLiiw

— 𝔗𝔥𝔢 𝕯𝔢𝔞𝔡 𝕯𝔦𝔰𝔱𝔯𝔦𝔠𝔱△ 🇬🇪🇺🇦🇺🇲🇬🇷 (@TheDeadDistrict) March 20, 2026

The archive reportedly contains simulation data for the J-20 fighter jet, sixth-generation aircraft programs, carrier strike group models, hypersonic weapon systems, and missile damage analyses.

❗️The leaked sample data from China’s National Supercomputing Center in Tianjin includes a video of what seems to be a simulation of a bunker buster bomb, designed to penetrate bunkers and damage underground structures. https://t.co/AC2PmfTZTj pic.twitter.com/Br4vQqLCVi

— International Cyber Digest (@IntCyberDigest) March 19, 2026

Some files are labeled “classified for 10 years” in Chinese, with material dated as recently as 2025.

There are multiple simulations showing explosions and the integrity of buildings/vehicles and more.

The National Supercomputing Center in Tianjin is a government-owned datacenter where SOEs and universities run complex data simulations, virtual test systems, and scientific… pic.twitter.com/lD6phX036w

— International Cyber Digest (@IntCyberDigest) March 19, 2026

Institutions identified in the samples include the Aviation Industry Corporation of China (AVIC), the Commercial Aircraft Corporation of China (COMAC), the National University of Defense Technology (NUDT), and Northwestern Polytechnical University (NWPU).

🧠 Alleged 10+ PB Research Data Leak Linked to China’s National Supercomputing Center

A post on a cybercrime forum claims that 10+ petabytes of research data from China’s National Supercomputing Center (NSCC) research infrastructure have been exfiltrated and are being offered to… pic.twitter.com/Ed9R8gsFM7

— Dark Web Intelligence (@DailyDarkWeb) March 13, 2026

Hofer, who spoke directly with an account on Telegram identifying as FlamingChina, said the actor described gaining initial access through a compromised VPN domain controller.

A botnet then distributed extraction across hundreds of nodes simultaneously, pulling data in increments small enough to stay below detection thresholds for months.

“It wasn’t, at least my read on it, anything particularly incredible in the way that they pulled out this information,” said Dakota Cary, a China-focused consultant at SentinelOne who reviewed samples of the alleged dataset.

Cary attributed the breach’s scale to a systemic architectural failure rather than attacker sophistication. Since compute nodes shared credentials through MPI configuration and no segmentation isolated client environments from one another, compromising a single node effectively compromised the whole system. The full dataset remains available to the highest bidder.

“They’ve really had poor cybersecurity for a very long time across a wide number of industries and organizations,” Cary said.

Neither the NSCC nor China’s Cyberspace Administration of China had issued a public statement on the breach as of April 9.