A Chinese-linked hacking group spent more than two years covertly stealing data from academic, medical, and military research institutions in the United States and Canada, according to Google. The campaign ran from September 2023 to November 2025, according to Reuters.
Google identified the group and linked it to China, though the report does not detail exactly which institutions were hit or what specific data was taken. The targets — universities, hospitals, and military research bodies — represent some of the most sensitive repositories of intellectual property and national security information in North America.
The operation lasted over 26 months, suggesting a methodical, long-running effort rather than an opportunistic smash-and-grab. Espionage campaigns of this kind typically aim to harvest cutting-edge research that would take years and billions of dollars to develop independently.
This story matters because research institutions are often seen as softer targets than government agencies or defense contractors — they prioritize open collaboration over security lockdowns. When adversaries successfully infiltrate them, they can walk away with breakthroughs in medicine, materials science, or weapons technology without ever setting foot in a lab.