Cyberattack on China’s National Supercomputing Center Raises National Security Concerns
A suspected cyberattack on China’s National Supercomputing Center (NSCC) in Tianjin has sparked alarm over the potential exposure of sensitive research data tied to aerospace, defense, and scientific programs. According to reports on hacker forums, an individual operating under the alias “Flaming China” claimed to have infiltrated the facility’s systems and exfiltrated over 10 petabytes (PB) of data equivalent to roughly 10 million gigabytes.
The alleged stolen dataset includes research on aerospace engineering, military technology, bioinformatics, and nuclear fusion simulations, with files reportedly sourced from leading institutions such as the Aviation Industry Corporation of China (AVIC), Commercial Aircraft Corporation of China (COMAC), the National University of Defense Technology (NUDT), and Northwestern Polytechnical University (NWPU). Some materials were marked with 10-year confidentiality labels, while others appeared to involve military damage simulations targeting armored systems, including HIMARS rocket launchers and aircraft carriers.
The hacker advertised the data for sale online, offering a full file index for 10 Monero (XMR) approximately $3,700 with the highest bidder gaining access to the entire dataset. Cybersecurity analysts noted that if verified, the breach could enable reverse engineering of Chinese research, exposing technical methodologies and undermining competitive advantages in critical sectors.
The Tianjin NSCC is a strategic hub for China’s scientific and defense research, hosting advanced computing infrastructure used by over 1,600 institutions across 30 provinces. The facility previously operated Tianhe-1, once the world’s fastest supercomputer, and remains integral to state-backed simulations and engineering projects. Experts warned that the breach may indicate weak internal security segmentation, allowing attackers to move laterally across systems once initial access was gained.
Despite the severity of the allegations, Chinese authorities and the NSCC have not publicly confirmed or denied the incident. The lack of official response mirrors previous high-profile breaches, including the 2022 Shanghai police data leak (affecting nearly 1 billion citizens) and the 2025 WeChat Pay/Alipay financial records exposure (over 4 billion records). Online discussions have questioned the hacker’s claims, particularly the low asking price for such a vast dataset, while others criticized weak governance and internal vulnerabilities as potential contributing factors.
The incident underscores growing concerns over the security of China’s critical research infrastructure and the potential fallout from large-scale data exfiltration in sensitive sectors.
Northwestern Polytechnical University TPRM report: https://www.rankiteo.com/company/西北工业大学“阳光工程”学生青年志愿者服务队
Aviation Industry Corporation of China TPRM report: https://www.rankiteo.com/company/avic-aircraft-co-ltd-
"id": "avi西北工1773887823",
"linkid": "avic-aircraft-co-ltd-, 西北工业大学“阳光工程”学生青年志愿者服务队",
"type": "Cyber Attack",
"date": "3/2026",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"{'affected_entities': [{'customers_affected': 'Over 1,600 institutions across '
'30 provinces',
'industry': 'Supercomputing, Defense, Aerospace, '
'Scientific Research',
'location': 'Tianjin, China',
'name': 'National Supercomputing Center (NSCC) in '
'Tianjin',
'type': 'Government/Research Facility'},
{'industry': 'Aerospace, Defense',
'location': 'China',
'name': 'Aviation Industry Corporation of China (AVIC)',
'type': 'State-owned Enterprise'},
{'industry': 'Aerospace',
'location': 'China',
'name': 'Commercial Aircraft Corporation of China '
'(COMAC)',
'type': 'State-owned Enterprise'},
{'industry': 'Defense, Technology',
'location': 'China',
'name': 'National University of Defense Technology '
'(NUDT)',
'type': 'University/Research Institution'},
{'industry': 'Aerospace, Defense, Engineering',
'location': 'China',
'name': 'Northwestern Polytechnical University (NWPU)',
'type': 'University/Research Institution'}],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': '10 petabytes (PB)',
'sensitivity_of_data': 'High (10-year confidentiality labels, '
'military-related)',
'type_of_data_compromised': ['Aerospace engineering research',
'Military technology',
'Bioinformatics',
'Nuclear fusion simulations',
'Military damage simulations '
'(HIMARS rocket launchers, '
'aircraft carriers)']},
'description': 'A suspected cyberattack on China’s National Supercomputing '
'Center (NSCC) in Tianjin has sparked alarm over the potential '
'exposure of sensitive research data tied to aerospace, '
'defense, and scientific programs. An individual operating '
"under the alias 'Flaming China' claimed to have infiltrated "
'the facility’s systems and exfiltrated over 10 petabytes (PB) '
'of data, including research on aerospace engineering, '
'military technology, bioinformatics, and nuclear fusion '
'simulations.',
'impact': {'brand_reputation_impact': 'Undermined trust in China’s critical '
'research infrastructure security',
'data_compromised': '10 petabytes (PB) of sensitive research data',
'operational_impact': 'Potential exposure of technical '
'methodologies and competitive advantages in '
'critical sectors',
'systems_affected': 'National Supercomputing Center (NSCC) in '
'Tianjin'},
'initial_access_broker': {'data_sold_on_dark_web': True},
'investigation_status': 'Unconfirmed (no official response from Chinese '
'authorities or NSCC)',
'lessons_learned': 'The incident underscores concerns over the security of '
'China’s critical research infrastructure and potential '
'fallout from large-scale data exfiltration in sensitive '
'sectors. Weak internal security segmentation may have '
'allowed lateral movement across systems.',
'motivation': 'Financial gain (data sale)',
'post_incident_analysis': {'root_causes': 'Weak internal security '
'segmentation, potential governance '
'vulnerabilities'},
'ransomware': {'data_exfiltration': True,
'ransom_demanded': '10 Monero (XMR) (~$3,700)'},
'references': [{'source': 'Hacker forums (Flaming China alias)'}],
'response': {'communication_strategy': 'No public confirmation or denial from '
'Chinese authorities or NSCC'},
'threat_actor': 'Flaming China (alias)',
'title': 'Cyberattack on China’s National Supercomputing Center Raises '
'National Security Concerns',
'type': 'Data Breach',
'vulnerability_exploited': 'Weak internal security segmentation'}