SECURITY
Anthropic PBC is investigating a report that unauthorized users accessed Claude Mythos, the next-level artificial intelligence model the company says is powerful enough to enable dangerous cyberattacks.
A small group of users in a private online forum gained access to Mythos on the same day Anthropic announced a limited testing release of the model, Bloomberg first reported Tuesday, citing a person familiar with the matter and documentation it had viewed. The group has been using the model regularly since, though not for cybersecurity purposes, the person said. The account was corroborated with screenshots and a live demonstration.
“We’re investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments,” an Anthropic spokesperson said. The company said there is no indication the activity extended beyond the vendor or that its own systems were affected.
The users reportedly gained entry through the credentials of a member of the forum who works for a third-party contractor that evaluates Anthropic models. The group combined those credentials with details from a data breach at artificial intelligence recruiting and training startup Mercor Inc. to locate the model.
Bloomberg’s source also claimed that the group has access to other unreleased Anthropic models.
Anthropic has previously described Mythos as having a level of coding ability that can “surpass all but the most skilled humans at finding and exploiting software vulnerabilities.”
The company has restricted distribution to Project Glasswing. A preview version has been offered to Apple Inc., Amazon.com Inc., Cisco Systems Inc., CrowdStrike Holdings Inc., Google LLC, JPMorgan Chase & Co., Microsoft Corp. and Nvidia Corp., along with about 40 other organizations, so they can test and secure their own systems.
Access to the model has also become a point of contention across the U.S. government. The National Security Agency and the Commerce Department’s Center for AI Standards and Innovation already have access, according to reports, and the Treasury Department is seeking it. The group using Mythos has so far avoided offensive tasks, reportedly to evade detection.
Ram Varadarajan, chief executive at cyber deception technology company Acalvio Technologies Inc., told SiliconANGLE via email that “the Mythos breach didn’t require a sophisticated attack.”
“It just required a contractor, a URL pattern and a Day-One guess, which means the ‘controlled release’ model failed at its weakest link before the model’s capabilities were ever the issue,” he said. “This is the supply chain problem that perimeter-centric security has always underestimated: access controls are a policy, not an architecture and policies fail.”
Tim Mackey, head of software supply chain risk strategy at application security firm Black Duck Software Inc., noted that “Anthropic’s marketing message for Mythos was effectively a challenge, not dissimilar to a capture the flag exercise, where success includes claims of unauthorized access to Mythos.”
“The unfortunate reality is that while it’s great to hear that novel cybersecurity models are being provided to select researchers to evaluate, if your team is on the outside looking in, waiting for the final report might not be top of mind,” said Mackey. “For defenders, even the specter of unauthorized access to an adversarial model as powerful as Mythos is purported to be only increases anxiety levels. What’s clear is that security leaders in organizations of all sizes should take this claim as a call to action focused on the role AI-enabled cybersecurity plays in their operations and how best to scale those efforts to deal with AI-enabled adversaries.”