Is Anthropic’s Claude Mythos AI Model a Cybersecurity Risk? Uncovering the Unauthorized Access Scandal

Anthropic is investigating allegations that unauthorized access occurred to its next-generation AI model, ‘Claude Mithos,’ which the company has warned could be misused in high-risk cyberattacks. Sources say a subset of users reached the model via private online forums on the same day Anthropic released a limited preview, renewing scrutiny of AI security controls.

Bloomberg reported Tuesday, citing people familiar with the matter and internal documents, that a small group gained access to Anthropic’s ‘Claude Mithos’ preview. The users reportedly ran the model continuously from the day it was released, but investigators have found no evidence it was used to carry out cyberattacks. Reporters say screenshots and demos partly corroborate the account.

An Anthropic spokesperson said the company is investigating reports that the ‘Claude Mithos Preview’ was accessed through one of its third-party vendor environments. So far, Anthropic has found no signs the activity extended beyond that vendor or that its own systems were affected.

Sources say the access came through the account of an external contractor hired to evaluate Anthropic’s models. Leaked data from AI hiring and training startup Mercor reportedly helped the group locate the model. Bloomberg sources added the group may also have accessed other unreleased Anthropic models.

‘Controlled release’ strategy exposed a supply‑chain security weakness

Anthropic has warned that Claude Mithos’ coding ability could outperform most humans — aside from a tiny number of top specialists — at finding and exploiting software vulnerabilities. For that reason, distribution was tightly limited under a program called ‘Project Glasswing.’

The preview was provided to roughly 40 organizations, including Apple ($AAPL), Amazon ($AMZN), Cisco Systems ($CSCO), CrowdStrike Holdings ($CRWD), Google, JPMorgan Chase ($JPM), Microsoft ($MSFT) and Nvidia ($NVDA). The goal was for those organizations to test the model’s performance and risks on their own systems and develop mitigations.

But the incident shows a ‘controlled release’ can fail at its weakest link. Here, access was achieved not by breaching core systems but by combining a partner account with leaked data — a scenario that highlights how traditional perimeter defenses alone may not stop risks in the generative AI era.

Ram Baradarajan, CEO of Acalvio Technologies, told SiliconANGLE the Claude Mithos incident did not require a sophisticated attack. “That a contractor, URL patterns, and first-day indicators were enough suggests the controlled distribution failed at its weakest point long before the model’s capabilities became the main issue,” he said. “Access control is a policy, not a structure, and policies can fail.”

U.S. government attention grows — AI cybersecurity competition likely to intensify

Access to Claude Mithos has become a sensitive issue within the U.S. government. Reports say the NSA and the Commerce Department’s AI Standards Innovation Center have secured access, and the Treasury Department is pursuing use. That level of interest signals the model’s strategic value for both defense and offense.

Sources say the users who succeeded in unauthorized access largely refrained from aggressive activity to avoid detection. Still, even the possibility that a powerful cybersecurity AI model has slipped beyond control will raise alarms across markets and institutions.

Tim Mackey, head of software supply chain risk strategy at Black Duck Software, offered a similar perspective. He said Anthropic’s approach to promoting Claude Mithos may have looked like a challenge to some. Restricting the model to selected researchers has merits, but it also creates incentives for excluded groups to try direct access rather than wait for final reports.

Mackey noted that defenders can feel uneasy even at the hint of unauthorized access to a powerful adversarial model like Claude Mithos. He urged security leaders to use the episode to assess how they integrate AI-based cybersecurity capabilities into operations and how quickly they can scale those defenses against AI-enabled attackers.

The incident underscores that who accesses a model, by what route, and how securely they do so matters as much as raw performance. As the AI industry matures, the most acute risks are increasingly likely to surface first in supply chains and certification systems rather than in the model itself.

TP AI Notice This article was summarized using a language model based on TokenPost.ai. The summary may omit key points or differ from the facts.