Anthropic confirms it suffered a data leak — AI wunderkid says human error behind customer info breach

A wall of data on a large screen.
(Image credit: Pixabay)

Anthropic has confirmed it recently suffered a data leak when a contractor mistakenly sent a file with sensitive data to an unauthorized third party. 

The news was confirmed in a letter sent to affected customers of the LLM and chatbot firm seen by WindowsReport, which also spoke to company representatives.

The Anthropic representative said the company became aware of the incident on January 22. “Our investigation shows this was an isolated incident caused by human error — not a breach of Anthropic systems,” the spokesperson said. “We have notified affected customers and provided them with the relevant guidance.”

Watch out for phishing

In the letter sent to affected customers, the company said that the leaked data included names (as maintained in Anthropic’s systems), and accounts receivable information as of December 31, 2023. 

“This information did not include sensitive personal data, including banking or payment information, or prompts/outputs,” the letter reads. “Based on our investigation to date, the contractor’s actions were an isolated error that didn’t arise from or result in any of our systems being breached. We also aren’t aware of any malicious behavior arising out of this disclosure.”

In other words, the contractor made a mistake, which is not that uncommon. Sending sensitive data to unauthorized third parties in error is one of the most common types of data leaks today. 

Still, Anthropic urged its customers to be vigilant, especially if they receive any communication “appearing to come from Anthropic, such as requests for payment, requests to amend payment instructions, emails containing suspicious links, requests for credentials or passwords, or other unusual requests.”

“We sincerely regret that this incident occurred and any disruption it might have caused you,” the company concluded. “Our team is on standby to provide support.” 

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.