Unauthorized Access Claim Puts Anthropic’s Cybersecurity AI Rollout Under Scrutiny

Anthropic investigates reported access to Mythos

Anthropic is investigating a report that a group of unauthorized users gained access to Claude Mythos Preview, a cybersecurity-focused AI tool the company had made available only to selected vendors. The company told TechCrunch that it is looking into claims that the access occurred through a third-party vendor environment, while saying it has not found evidence that Anthropic’s own systems were affected.

The report is significant because Mythos is not a general consumer chatbot. Anthropic has described the product as an enterprise security tool with enough capability that, in the wrong hands, it could be repurposed for offensive hacking. That dual-use profile is why the tool’s limited release matters: access controls are part of the safety model, not just a commercial packaging decision.

How access was reportedly obtained

According to the source material, Bloomberg reported that members of a private online forum obtained access to Mythos through a third-party vendor. The people involved have not been publicly identified. One person cited in the report was said to work for a third-party contractor connected to Anthropic, and the group reportedly used that person’s access as part of its effort.

The group also allegedly made an educated guess about the model’s online location based on Anthropic’s prior naming or location patterns for other models. Bloomberg was reportedly shown screenshots and a live demonstration of the tool. The group was said to have accessed Mythos on the same day it was publicly announced and to have used it regularly afterward.

Why the incident matters

For AI companies, the incident illustrates a familiar problem in a sharper form: a model can be protected at the core while still being exposed through the broader ecosystem around it. Vendor environments, contractors, preview programs and early partner deployments all expand the number of places where access credentials and routing details can leak or be misused.

Anthropic’s current position is narrower than the report’s claim. The company is not saying its systems were compromised. It is saying it is investigating a report involving a third-party vendor environment and has not seen evidence that the activity affected Anthropic systems. That distinction matters, but it does not erase the operational risk. For restricted AI systems, unauthorized use through a partner can still undermine the purpose of a controlled rollout.

Mythos was reportedly released to a select group of vendors, including Apple, as part of an initiative called Project Glasswing. The limited release was intended to reduce the chance that bad actors could use the tool. If a private group gained access through a vendor channel immediately after announcement, it raises questions about how preview deployments are monitored, how access is scoped, and how quickly suspicious usage can be detected.

The broader AI security challenge

The report also points to a cultural issue around unreleased AI systems. The source material describes a Discord channel whose members seek information about unreleased AI models. The person cited in the report characterized the group as interested in experimenting with new models rather than causing harm. Even if that description is accurate, unauthorized experimentation with a cybersecurity tool creates a higher-risk scenario than curiosity around a standard chatbot.

Enterprise AI security products must be useful enough to analyze threats, automate investigation and assist defenders. Those same capabilities can become dangerous if redirected toward reconnaissance or exploitation. That tension makes release discipline central to product safety. It also means vendors participating in previews become part of the security boundary.

For Anthropic, the immediate task is to determine what happened, whether any access path remains open, and whether the controls around third-party environments were sufficient. For the wider industry, the episode is a warning that frontier AI governance depends on mundane operational details: credentials, contractors, vendor permissions, logging and internal naming conventions.

The incident has not yet been described as a breach of Anthropic’s own systems. Still, the reported access to Mythos shows how fast restricted AI tools can become targets once their existence is known.

This article is based on reporting by TechCrunch. Read the original article.