Anthropic Reviews Reported Access to Restricted AI Model
Anthropic has confirmed that it is investigating a report of unauthorized access to Claude Mythos Preview, a model the company has characterized as too dangerous for public release. The reported access was said to have occurred through a third-party vendor environment.
The company’s statement, reported by Bloomberg and relayed by Gizmodo, said Anthropic had received a report claiming unauthorized access to Claude Mythos Preview through one of its third-party vendor environments. Bloomberg reportedly reviewed a live demo and screenshots from a member of the group said to be responsible for the access.
The facts available publicly are limited, and the report is careful about identifying the people and methods involved. Still, the incident raises a serious governance question for frontier AI labs: even when a model is kept out of public release, vendor access and internal tooling may create paths that are harder to secure than the model itself.
How the Reported Access Happened
According to the source account summarized in the article, the group combined several pieces of information. A Discord group reportedly used bots to search GitHub for information about unreleased AI models. The account also refers to a data breach at the AI training startup Mercor. The group then allegedly combined that information with access available to a person working at an Anthropic contractor.
That chain of events reportedly allowed the group to infer the online location of Claude Mythos. The group is said to have accessed the model since April 7, the same day Anthropic announced Project Glasswing.
The source quoted in the report claimed the group was interested in experimenting with new models rather than causing harm. That claim does not reduce the seriousness of the access issue. If a restricted model is available to an unauthorized party, the risk does not depend only on what the first reported group says it intends to do.
The Vendor Risk Problem
The reported incident highlights a common weak point in high-security technology operations: the main company may lock down its own systems while contractors, vendors, and partner environments retain enough access to become attractive targets.
For AI companies, the stakes are unusual. A frontier model is not just a file or service. It may encode capabilities that the developer has intentionally withheld from public release. If access controls around preview models, evaluation systems, or contractor environments are weak, then the company’s release policy may be undermined before the model is ever launched.
The report does not establish the full scope of the access, whether model weights were exposed, or whether access was limited to an interface. Those distinctions matter. Interface access can still be risky, but it is different from theft of model weights or training assets. Anthropic’s investigation will need to determine exactly what was reachable, for how long, and through which systems.
Why This Matters Beyond Anthropic
AI labs increasingly depend on outside contractors for evaluation, data work, red teaming, labeling, and operations. Those workflows can create broad access patterns that are hard to monitor, especially when teams are moving quickly to build and test unreleased systems.
The Claude Mythos report therefore lands in the middle of a larger industry debate about frontier model security. If companies argue that certain models are too powerful to release, they also need to show that restricted access programs, vendor systems, and internal preview environments are governed with the same seriousness.
There is also a trust issue. Governments, enterprise customers, and the public are being asked to accept that AI developers can safely manage increasingly capable systems. A reported unauthorized access path through a vendor environment is the kind of failure that tests that claim.
What to Watch Next
The key questions now are concrete. Anthropic will need to determine whether the reported access occurred, whether any sensitive data or model capabilities were exposed, whether the access has been cut off, and whether third-party vendor controls need to change.
The broader AI sector will be watching for signs that labs are tightening contractor access, improving monitoring around preview systems, and limiting discoverable information about unreleased models. The most important lesson may be that model safety is not only a research problem. It is also an infrastructure, access control, and vendor management problem.
This article is based on reporting by Gizmodo.
Originally published on gizmodo.com






