Claude Code Leak: Human Error Leads to Action by Anthropic
Anthropic PBC is swiftly responding to the unintended disclosure of internal source code related to Claude Code, an AI-driven assistant that has emerged as a significant revenue generator for the firm. In response to copyright takedown requests from Anthropic, thousands of copies of the code were removed from GitHub, as indicated by a notice on the widely used developer platform. Anthropic subsequently indicated that the takedown affected a greater number of GitHub repositories than initially anticipated and has since been considerably reduced. The artificial intelligence startup is implementing measures to refine its internal systems to avert a recurrence of such a leak, which includes enhancements to its automation process.
In a series of posts overnight on X, Boris Cherny, stated that Anthropic’s “deploy process has a few manual steps, and we didn’t do one of the steps correctly.” The company has indicated that it has already “made a few improvements to the automation for next time,” with intentions for “a couple more on the way.” The inadvertent disclosure signifies Anthropic’s second lapse in security within a short timeframe, affecting around 1,900 files and encompassing 512,000 lines of code pertinent to Claude Code. Last week, it is reported that Anthropic had been storing thousands of internal files on a publicly accessible system, including a draft blog post detailing an upcoming model known internally as both “Mythos” and “Capybara.” The exposures occurred at a particularly sensitive juncture for the company. Anthropic is presently engaged in a legal dispute with the US government regarding the Pentagon’s classification of the company as a supply-chain risk, stemming from a confrontation concerning AI safety regulations. The company has indicated that the labeling may result in billions in lost revenue.
Concurrently, Anthropic has experienced notable increases in both user engagement and revenue in recent months, partly attributable to the traction gained from Claude Code – a tool designed to facilitate the writing and debugging of software. According to the company, Claude Code’s run-rate revenue exceeded $2.5 billion as of February, marking a year since its launch. The aforementioned gains are pivotal to the company’s aspirations of initiating a public offering within the current year. On Tuesday, Anthropic issued a statement acknowledging the leak, asserting that “no sensitive customer data or credentials were involved or exposed.” The company stated: “This was a release packaging issue caused by human error, not a security breach.” The matter initially emerged in a post on the social media platform X, which claimed to provide a link to the code and attracted over 30 million views. The leak has prompted a significant volume of online discourse, with numerous individuals claiming to have examined the code thoroughly. There are assertions that undisclosed features have been discovered, such as an always-on AI agent referred to as Kairos, which proactively manages tasks, alongside a mechanism for monitoring occurrences of user frustration and the use of profanities.
Cherny stated that the company is “always experimenting with new ideas,” the majority of which do not ultimately see the light of day. He indicated that Anthropic is currently “on the fence” regarding the Kairos feature, specifically. Regarding the tracking system, he stated it is “one of the signals we use to figure out if people are having a good experience.” The leak not only suggests potential future releases but also poses a risk by providing malicious actors with valuable insights into internal processes, workflows, and probable avenues for exploitation, as noted by the cybersecurity firm Tanium in a blog post. Malicious actors will analyze the code to ascertain details such as the tool’s management of local files, the data it may access during standard operations, and the implementation of guardrails, according to the firm.
