The breach of Anthropic’s Mythos was humiliating


Anthropic’s tightly controlled rollout of Claude Mythos has taken a strange turn. After the company spent weeks insisting that the AI model is so capable at cybersecurity that it is too dangerous to release publicly, the model appears to have fallen into the wrong hands anyway.

According to Bloomberg, “a small group of unauthorized users” has had access to Mythos, whose existence had already leaked, since the day Anthropic announced its plans to offer it to a select group of companies for testing. Anthropic says it’s investigating. This is a bad look for a company that has built its brand on taking AI safety seriously while touting the cybersecurity prowess of its latest model.

From a technical standpoint, the Mythos hack is embarrassingly uncomplicated. Bloomberg reports that the group gained access to Mythos by making “an educated guess about the model’s location online,” using information about other Anthropic models that had been revealed in a breach of Mercor, a company that makes AI training data, along with the access one member had through contract work evaluating Anthropic models. The group gained unauthorized access to Mythos through a combination of insider knowledge and lucky guesswork, not through sophisticated technical exploitation or wholesale model theft.

Vulnerabilities are inevitable, and it was Mercor, not Anthropic, that revealed the information the hackers used to guess the location of Mythos. Pia Hoch, a research fellow at the Royal United Services Institute (RUSI), a British think tank, told me that no company is ever completely safe and that humans are often the weakest link, although it “seems at first a bit lucky” that there are no serious consequences.

Anthropic has failed to anticipate a “perfectly imaginable” kind of failure.

But it’s not entirely bad luck. These kinds of educated guesses are a pretty standard hacking tactic, and the Mercor hack was already known before the release of Mythos. Security researcher Lukasz Olejnik described this to me as the kind of “entirely conceivable” failure that the cybersecurity industry has routinely dealt with over the past 20 years. So Anthropic should have anticipated this and prepared accordingly, especially knowing that its information had been hacked.

It also appears that Anthropic had the means to detect the breach. Olejnik said the company is able to “record and track the use of the model,” which would make it possible to stop unauthorized or malicious access, especially since the Mythos rollout was supposed to be very limited. Clearly Anthropic wasn’t monitoring closely enough, and given how dangerous the model is, it’s reasonable to wonder why.

According to Bloomberg, the group wasn’t using Mythos for cybersecurity tasks, partly because they just wanted to tinker with the new model and partly because doing so would have alienated Anthropic. If Anthropic’s messaging around Mythos is to be taken seriously, this is a lucky break. The company has framed Mythos as a “watershed moment for security”, claiming to have found vulnerabilities in “every major operating system and web browser”, and said its release should be coordinated to allow time to “strengthen the world’s cyber defences”.

Anthropic has a habit of using dramatic and troubling language that can be difficult to scrutinize, including flirting with the idea that its Claude models may be sentient. However, initial reports from parties with access indicate that Mythos is particularly skilled at cybersecurity. Mozilla CTO Bobby Holley said it found hundreds of bugs in Firefox 150 and may finally give defenders a chance to achieve complete victory over attackers. Unsurprisingly, governments and financial institutions all over the world have been keen to get their hands on it. The National Security Agency and other US agencies reportedly have access despite Anthropic’s designation as a supply chain risk, though the offering seems to have passed over the US cybersecurity agency, CISA, so far.

The fact that the hack was discovered by a reporter and not by Anthropic also raises the obvious question of whether it was an isolated incident. “It shows how wide the circle of people might be able to do this, even if they don’t have the most technologically advanced means,” Hoch said. Anthropic will likely comb through its supply chain to figure out how this happened and close the gaps, but she said there is a wide range of players who would like to get into a model like this, some of whom have a significant amount of money behind them. There is no reason to believe that anyone else who gained access would be as restrained as the group Bloomberg reported on.

Anthropic has, to some extent, shot itself in the foot. The company has built its identity around taking AI safety more seriously than its competitors, creating very high expectations for the security of its models that its apparent negligence belies; the fact that Mythos was exposed through such a fundamental and predictable failure only underscores that. Worse still, by promoting Mythos as an extraordinarily powerful tool that is too dangerous for public release, Anthropic has turned it into an obvious target, both for malicious actors and for hackers simply looking for a challenge.

This isn’t even the first embarrassing security incident surrounding Mythos. The existence of the model was accidentally revealed before its release through an “insecure data set” on a central system containing content for its website. Now, the model has been secretly accessed via a completely predictable vulnerability that Anthropic never thought to patch. Perfection is impossible, but for a company that has positioned itself at the forefront of AI safety, it’s hard to justify such a fundamental mistake, even with some of the bad luck it has encountered.

For Hoch, the entire incident can be summed up in one word: humiliation. “Anthropic claims to be at the absolute forefront of all these technologies, but it also positions itself as a responsible actor in all of this,” she said. “The fact that this has now been achieved through unauthorized means so quickly, and through such an unsophisticated attempt, is actually humiliating to them.”
