Overview
Severity: CRITICAL | Affected: Anthropic | Category: breach
Anthropic has confirmed a significant security breach orchestrated by a sophisticated threat actor. The attackers gained access to Anthropic's internal development environment through a compromised third-party CI/CD tool, exfiltrating the full model weights for an unreleased version of their next-generation 'Claude 5' model. In addition to this critical intellectual property theft, the breach also exposed a large dataset of anonymized, but potentially re-identifiable, enterprise customer prompts and fine-tuning data from the past quarter. The company has notified affected customers and is collaborating with federal law enforcement agencies. The incident highlights the growing threat of supply-chain attacks targeting AI labs and raises serious concerns about the security of proprietary model architectures and the sensitive data used to train them.