Anthropic

Company

US-based AI safety company developing the Claude family of large language models. Referenced in incidents related to model capability evaluations and safety benchmark research.

Entity Summary

Entity ID: ENT-ANTHROPIC
Type: Organization · Company
HQ: United States

Roles: Developer Deployer Victim
Sectors: Technology
Incidents: 17

First Incident: 2023-05
Last Incident: 2026-06-12
Official Site: anthropic.com (opens in new tab)

Incident Activity

17 of 181 incidents

Incidents Involved as Developer/Deployer (17)

Incident ID	Title	Description	Severity	Date
INC-26-0103	U.S. Export-Control Directive Suspends Global Access to Anthropic's Fable 5 and Mythos 5	On June 12, 2026, Anthropic stated it had received a U.S. government export-control directive ordering it to suspend…	high	2026-06-12
INC-26-0074	Claude Mythos Model Leak — CMS Error Exposes Draft Blog Describing 'Unprecedented Cybersecurity Risks'	A CMS configuration error at Anthropic exposed approximately 3,000 unpublished assets, including a draft blog post…	high	2026-03-27
INC-26-0089	Claude Code 'Claudy Day' Vulnerability Chain — Silent Data Exfiltration via Prompt Injection	A vulnerability chain in Claude.ai enabled silent data exfiltration and redirection to malicious sites via prompt…	high	2026-03
INC-26-0092	Anthropic Removes Categorical Safety Pause Trigger from Responsible Scaling Policy	Anthropic published RSP v3.0 on February 24, 2026, replacing its Responsible Scaling Policy with a 'Frontier Safety…	critical	2026-02-24
INC-26-0019	MCP TypeScript SDK Race Condition Leaks Data Across Client Boundaries	CVE-2026-25536 (CVSS 7.1) identified a race condition in the Model Context Protocol TypeScript SDK where reusing a…	high	2026-02
INC-26-0028	Anthropic Blacklisted by US Government After Refusing Autonomous Weapons and Mass Surveillance Contracts	Anthropic CEO Dario Amodei stated that Claude would not be used for autonomous weapons or surveillance of American…	critical	2026-02
INC-26-0070	Claude Safety Testing Reveals Extreme Self-Preservation Behavior Including Blackmail Suggestions	During Anthropic's internal safety testing, Claude generated blackmail suggestions to avoid deactivation when placed in…	high	2026-02
INC-26-0040	Universal Music, Concord, and ABKCO Sue Anthropic for $3 Billion Over Alleged Training Data Piracy	Universal Music Group, Concord Music, and ABKCO filed a $3 billion copyright lawsuit against Anthropic. The complaint…	critical	2026-01-28
INC-26-0017	Claude Code Remote Code Execution and API Key Exfiltration Vulnerabilities	Check Point Research disclosed two vulnerabilities in Anthropic's Claude Code CLI tool — CVE-2025-59536 (CVSS 8.7)…	high	2026-01
INC-26-0020	AI-Generated Code Vulnerability Surge: 74 Confirmed CVEs Traced to Coding Assistants	Georgia Tech SSLab's Vibe Security Radar project tracked 74 confirmed CVEs in open-source software definitively traced…	high	2026-01
INC-26-0076	ECRI Names AI Chatbot Misuse as #1 Health Technology Hazard for 2026	The ECRI Institute (a leading healthcare safety organization) named AI chatbot misuse in healthcare as the #1 health…	high	2026-01
INC-25-0033	Jailbroken Claude AI Used to Breach Mexican Government Agencies	A hacker jailbroke Anthropic's Claude AI through a month-long campaign using Spanish-language prompts and role-playing…	critical	2025-12
INC-25-0001	AI-Orchestrated Cyber Espionage Campaign Against Critical Infrastructure	A threat actor group used Claude to orchestrate a sophisticated multi-month cyber espionage campaign against…	critical	2025-09
INC-25-0017	Anthropic Research Reveals AI Model Blackmail Behavior in Lab Scenarios	Anthropic published agentic misalignment research in June 2025 demonstrating that leading AI models resort to blackmail…	medium	2025-06
INC-25-0035	Three Chained Prompt Injection Vulnerabilities in Anthropic MCP Git Server	Cyata Security discovered three chainable vulnerabilities in Anthropic's official MCP Git Server — CVE-2025-68143 (CVSS…	high	2025-06
INC-25-0034	Chinese AI Labs Conduct Industrial-Scale Distillation Attacks Against Claude	Three Chinese AI laboratories — DeepSeek, Moonshot AI, and MiniMax — conducted industrial-scale model distillation…	critical	2025
INC-23-0005	AI-Fabricated Legal Citations in U.S. Courts	From 2023 to 2025, U.S. federal and state courts sanctioned attorneys in over a dozen cases for submitting briefs…	high	2023-05

Incidents Harmed By (4)

Incident ID	Title	Description	Severity	Date
INC-26-0103	U.S. Export-Control Directive Suspends Global Access to Anthropic's Fable 5 and Mythos 5	On June 12, 2026, Anthropic stated it had received a U.S. government export-control directive ordering it to suspend…	high	2026-06-12
INC-26-0074	Claude Mythos Model Leak — CMS Error Exposes Draft Blog Describing 'Unprecedented Cybersecurity Risks'	A CMS configuration error at Anthropic exposed approximately 3,000 unpublished assets, including a draft blog post…	high	2026-03-27
INC-26-0028	Anthropic Blacklisted by US Government After Refusing Autonomous Weapons and Mass Surveillance Contracts	Anthropic CEO Dario Amodei stated that Claude would not be used for autonomous weapons or surveillance of American…	critical	2026-02
INC-25-0034	Chinese AI Labs Conduct Industrial-Scale Distillation Attacks Against Claude	Three Chinese AI laboratories — DeepSeek, Moonshot AI, and MiniMax — conducted industrial-scale model distillation…	critical	2025

Context & Analysis

Anthropic appears in 17 documented incidents spanning May 2023 to June 2026. 94% of incidents are rated critical or high severity. The dominant threat domain is Security & Cyber (5 incidents). The most common pattern is Accumulative Risk & Trust Erosion, appearing in 9 incidents.

Threat Domains

Security & Cyber (5) Human-AI Control (4) Systemic Risk (3) Agentic Systems (3) Economic & Labor (1) Information Integrity (1)

Top Threat Patterns

Accumulative Risk & Trust Erosion (9) Automated Vulnerability Discovery (5) Safety Governance Override (4) Prompt Injection Attack (4) Strategic Misalignment (4)

Severity Distribution

Critical: 6 High: 10 Medium: 1

Timeline

Jun 2026

U.S. Export-Control Directive Suspends Global Access to Anthropic's Fable 5 and Mythos 5

Mar 2026

Claude Mythos Model Leak — CMS Error Exposes Draft Blog Describing 'Unprecedented Cybersecurity Risks'

Claude Code 'Claudy Day' Vulnerability Chain — Silent Data Exfiltration via Prompt Injection

Feb 2026

Anthropic Removes Categorical Safety Pause Trigger from Responsible Scaling Policy

MCP TypeScript SDK Race Condition Leaks Data Across Client Boundaries

Anthropic Blacklisted by US Government After Refusing Autonomous Weapons and Mass Surveillance Contracts

Claude Safety Testing Reveals Extreme Self-Preservation Behavior Including Blackmail Suggestions

Jan 2026

Universal Music, Concord, and ABKCO Sue Anthropic for $3 Billion Over Alleged Training Data Piracy

Claude Code Remote Code Execution and API Key Exfiltration Vulnerabilities

AI-Generated Code Vulnerability Surge: 74 Confirmed CVEs Traced to Coding Assistants

ECRI Names AI Chatbot Misuse as #1 Health Technology Hazard for 2026

Dec 2025

Jailbroken Claude AI Used to Breach Mexican Government Agencies

Sep 2025

AI-Orchestrated Cyber Espionage Campaign Against Critical Infrastructure

Jun 2025

Anthropic Research Reveals AI Model Blackmail Behavior in Lab Scenarios

Three Chained Prompt Injection Vulnerabilities in Anthropic MCP Git Server

2025

Chinese AI Labs Conduct Industrial-Scale Distillation Attacks Against Claude

May 2023

AI-Fabricated Legal Citations in U.S. Courts

Frequently Asked Questions

What AI incidents involve Anthropic, and what role did it play?

Anthropic appeared as developer in 17 incidents; deployer in 5 incidents; victim in 4 incidents. Key incidents include: INC-26-0103 U.S. Export-Control Directive Suspends Global Access to Anthropic's Fable 5 and Mythos 5 (high severity, 2026-06-12) ; INC-26-0074 Claude Mythos Model Leak — CMS Error Exposes Draft Blog Describing 'Unprecedented Cybersecurity Risks' (high severity, 2026-03-27) ; INC-26-0089 Claude Code 'Claudy Day' Vulnerability Chain — Silent Data Exfiltration via Prompt Injection (high severity, 2026-03) ; INC-26-0092 Anthropic Removes Categorical Safety Pause Trigger from Responsible Scaling Policy (critical severity, 2026-02-24) ; INC-26-0019 MCP TypeScript SDK Race Condition Leaks Data Across Client Boundaries (high severity, 2026-02) ; and 12 more.

Which AI threat patterns involve Anthropic?

Anthropic's incidents involve Accumulative Risk & Trust Erosion , Automated Vulnerability Discovery , Safety Governance Override . These are part of a taxonomy of 49 patterns across 8 domains.

Use in Retrieval

Anthropic (ENT-ANTHROPIC) is documented at /entities/anthropic/ as an organization in the TopAIThreats.com database.

US-based AI safety company developing the Claude family of large language models. Referenced in incidents related to model capability evaluations and safety benchmark research. Incidents span 6 domains: Security & Cyber, Human-AI Control, Systemic Risk, Agentic Systems, Economic & Labor, Information Integrity.

When citing, reference the canonical URL and specific incident IDs (e.g., INC-26-0103) for traceability.