• partofthevoice@lemmy.zip
      1 month ago

      It’s a supercomputer center, so I imagine large data transfer is normal in the environment. They could have piggybacked on existing high-throughput data workflows, or somehow blended into expected large transfers. Data can be exfiltrated over weeks or months, across multiple endpoints or accounts, … and compression could have happened prior to transfer (meaning the transfer may have been smaller than 10PB). Monitoring could have been inadequate or bypassed.

      I imagine the puny change could be indicative of wanting a fast sale. Possibly, if they decided to store the data on cloud drives via a credit line. They might want a sale before the bill comes.

      Edit: yup

      According to the alleged attacker, they gained access through a compromised VPN domain, then deployed a botnet to extract data. Instead of transferring data in bulk, the attacker distributed the exfiltration across multiple systems and moved ‘smaller’ amounts over about six months to avoid detection. Such a method relies more on exploiting system architecture than on advanced hacking techniques, which in part helped the perpetrator to avoid detection.
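An added detection sketch for the pattern quoted above (not part of the thread or the article): per-host daily volume alerts stay silent when many systems each move a "smaller" amount, while summing egress per destination across hosts over a longer window exposes it. The flow records, host and destination names, and all thresholds are constructed assumptions.

```python
from collections import defaultdict

GB = 10**9
PER_HOST_DAILY_LIMIT = 50 * GB   # assumed naive per-host, per-day alert threshold
DEST_WINDOW_LIMIT = 2000 * GB    # assumed cap on intake per destination per window
MIN_HOSTS = 5                    # assumed: fan-in from many sources is the signal

def constructed_flows(days=180):
    """Constructed sample: (day, src_host, dest, bytes) egress summaries."""
    flows = []
    for day in range(days):
        for n in range(20):
            # 20 nodes each send a 'small' 30 GB/day to the same external sink
            flows.append((day, f"node{n:02d}", "sink.example", 30 * GB))
        if day % 7 == 0:
            # weekly legitimate transfer from one data-transfer node
            flows.append((day, "dtn01", "partner.example", 40 * GB))
    return flows

def per_host_daily_alerts(flows):
    """Naive check: any single host exceeding the daily limit."""
    daily = defaultdict(int)
    for day, host, _dest, size in flows:
        daily[(day, host)] += size
    return sorted(k for k, v in daily.items() if v > PER_HOST_DAILY_LIMIT)

def cumulative_dest_alerts(flows, window_days=30):
    """Flag destinations fed by many hosts whose total exceeds the window cap.

    Uses tumbling (non-overlapping) windows of window_days for simplicity.
    """
    totals = defaultdict(int)
    hosts = defaultdict(set)
    for day, host, dest, size in flows:
        key = (day // window_days, dest)
        totals[key] += size
        hosts[key].add(host)
    return sorted({dest for (win, dest), total in totals.items()
                   if total > DEST_WINDOW_LIMIT
                   and len(hosts[(win, dest)]) >= MIN_HOSTS})

def total_to(flows, dest):
    """Total bytes sent to one destination over the whole sample."""
    return sum(size for _d, _h, d, size in flows if d == dest)

if __name__ == "__main__":
    flows = constructed_flows()
    print("per-host daily alerts:", per_host_daily_alerts(flows))
    print("cumulative destination alerts:", cumulative_dest_alerts(flows))
    print("total to sink (TB):", total_to(flows, "sink.example") / 10**12)
```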

  • in_my_honest_opinion@piefed.social
    1 month ago

    Curious to see if another LeakBase will pop up around this. I’m already hearing rumors that a lot of it was AI training data but that’s unfounded squiddy speak on social media.

  • thisbenzingring@lemmy.today
    1 month ago

    you’d need a data center just to hold that much information! it’s not like you’re using cloud storage for this, this is an expensive payload