Hackers claim they've breached a Chinese supercomputer and are demanding huge amounts of crypto for the data, but security researchers are sceptical

Earlier this year, dark web hackers claimed to have exfiltrated a huge amount of data from the National Supercomputing Center (NSCC) in Tianjin, China. The hacker group FlamingChina claims that it stole 10 petabytes of data pertaining to advanced science and defence agencies within China. However, a number of security researchers have since cast doubt on the leak's legitimacy.

As far as I can tell, NetAskari was the first to bring the data leak to wider attention back in February 2026 via X, before further delving into a sample of the leaked files on their SubStack.

According to them, a dark web forum user going by the handle 'airborneshark1' initially offered a sample of the full leak for $3,000 USD (in cryptocurrency, of course), before offering up all 10 petabytes to the highest bidder.

NetAskari was able to obtain a multi-gigabyte sample of the allegedly stolen data. This includes screenshots of the internal system directory layout and user credentials as supporting evidence that some kind of hack did take place.

Beyond that, this sample also included PDFs of reports and handbooks, radar test data, and physics simulation renderings depicting "the effect of payloads and weapon systems against certain targets and materials."

China's NSCC undertakes supercomputing tasks from about 6,000 clients, potentially explaining the breadth of files.

CNN has since picked up the story, reaching out to China’s Ministry of Science and Technology as well as the Cyberspace Administration of China for comment. At the time of writing, there has been no official comment on the data breach. That could be for a number of security reasons, but there's also a chance that this leak is simply not legitimate.

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

For instance, security researcher and malware archivist Vx-underground expressed their scepticism via X, writing, "Something about this story is very strange to me. I've been doing cybersecurity stuff for a long, long time [...] I have not seen the moniker 'FlamingChina' before."

NetAskari notes that the hacker group FlamingChina has had a Telegram channel since at least February 5. That said, they also say this is less likely a permanent 'base of operations', so to speak and more likely just a short-term alias.

They also write that getting 10 petabytes out of any high-security facility without being noticed over months and months would be quite a feat if it were legitimate. "Did they truly get 10 PB!? We don't know. To extract such an amount of data means, you have to be lodged in the system over a longer period of time," NetAskari writes.

"Most likely with the help of someone from the inside. Even if the cyber security is a little bit shoddy, eventually someone probably would notice a constant data extraction process of this size."

(Image credit: Getty Images)

CNN posits a botnet-based approach that could have distributed the extraction of data across many sources simultaneously, thereby making such an attack difficult to trace.

Vx-underground is more intrigued about the practicalities of holding on to all of that data. "I'm also very curious [about] the 10 PETABYTES of data exfiltrated because [that] is an unfathomable number," they write, "10PB is 10,000 TB. Even in cold storage that's roughly $43,000/month. If it's 'hot storage' you're looking at something like, $150,000/month, that doesn't even include the fees for moving the data which would be ASTRONOMICAL."

(Image credit: Getty Images)

CNN itself reached out to a number of experts to speak to the authenticity of the leak's contents, including Dakota Cary. A consultant at SentinelOne, a cybersecurity firm focusing on China, Cary told CNN that the leak's contents were what he would expect given the alleged source, elaborating, "You would use supercomputer centers for large computational tasks. The swath of samples that the sellers put out kind of really speaks to the breadth of customers that this supercomputing center had."

That doesn't sound like the most damning evidence to me. Cary also went on to share that China has had "really poor cybersecurity for a very long time across a wide number of industries and organizations." He went on to tell CNN, "If you look at what Chinese policymakers say themselves, cybersecurity in China has not been good. They would say it’s still improving at this point in time."

Best PC gaming kit 2026