Overview
Severity: CRITICAL | Affected: Anthropic | Category: breach
AI safety and research company Anthropic has confirmed a significant data breach impacting a subset of its enterprise customers using the Claude API for model fine-tuning. The breach, which occurred in late February 2025, resulted from a misconfigured cloud storage bucket. Unauthorized actors gained access to proprietary datasets uploaded by customers for customizing Claude models. While Anthropic states that core model weights and general user data were not compromised, the exposure of sensitive corporate training data poses a serious risk of intellectual property theft and competitive disadvantage for the affected clients. The company has notified impacted customers and is working with cybersecurity firms to investigate the full extent of the incident. This breach underscores the critical need for robust data security practices surrounding the sensitive information used to train and customize AI models.