In a very cagily-written story from Bloomberg, Anthropic confirmed Tuesday that it has received a report that an unauthorized mystery group is accessing Claude Mythos—the model it says is too dangerous to release. “We’re investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments,” says an Anthropic spokesperson’s statement to Bloomberg.
Bloomberg apparently confirmed the apparent breach by looking at a live demo and screenshots sent over by a member of the group responsible for the unauthorized access.
In understandably obfuscatory language, Bloomberg explains that an anonymous source says they are a member of an unnamed group that has abused their access “as a worker at a third-party contractor for Anthropic” and employed “commonly used internet sleuthing tools often employed by cybersecurity researchers,” to gain some form of access to the model.
But don’t worry, this secret group that apparently has access to the most feared piece of technology in the world is “interested in playing around with new models, not wreaking havoc with them,” the source apparently explained to Bloomberg.
The sequence of events in the apparent breach looks something like this:
- A Discord group exists which uses bots to sniff around on GitHub for information about unreleased AI models
- There was a data breach at the AI training startup Mercor
- The group combined information from the Mercor breach with access available to Bloomberg’s source because they work for an Anthropic contractor
- This allowed the group to guess the online location of Claude Mythos
- The group has been freely messing around with Claude Mythos ever since April 7, the same day as the announcement of Project Glasswing
So to recap: Anthropic says it has the scariest AI model in the world, and for what it’s worth, a whole lot of powerful institutions seem to believe it. If we take Anthropic at its word, we’re all trusting it not to abuse this power that it and only it controls. However, some unknown entity has accessed this scary AI model, but if we take them at their word, they just used it for some vibe coding tests and they swear they’re not doing anything evil with it.
