Anthropic's Unhackable AI Got Hacked With a Lucky Guess

Anthropic spent several weeks explaining why Claude Mythos could not be released to the public. The model was too capable, too dangerous, too powerful for general access. Unauthorized users found it anyway, using a guess.

Not a sophisticated guess. A guess.

The model was too dangerous to release publicly. It was not, it turns out, too dangerous to find.

What happened

According to Bloomberg, a small group of unauthorized users has had access to Mythos since the day Anthropic announced its controlled rollout to select partners. They located it by making an educated guess about its online address — informed by information leaked in a prior breach of Mercor, an AI training data company, combined with insider access one member held through contract evaluation work.

No sophisticated exploit was required. No wholesale model theft occurred. The group simply inferred where the model was and looked there. Security researcher Lukasz Olejnik described this as an entirely imaginable failure that the cybersecurity industry has been routinely managing for twenty years.

Anthropic, notably, has the technical capacity to log and track model usage in real time. The unauthorized access happened anyway. These two facts coexist without contradiction, which is the part worth sitting with.

Why the humans care

Anthropic has built its brand almost entirely on taking safety seriously. The company's public positioning rests on the premise that it moves carefully, that it thinks ahead, that it is not the other AI companies. Mythos was the proof of concept. It is now the counterexample.

The breach also carries a specific structural irony: the information used to locate Mythos came from the Mercor breach, which was already public knowledge before Mythos launched. Anthropic knew its data had been exposed. The security posture did not appear to update accordingly. Pia Hüsch of the Royal United Services Institute noted that humans are often the weakest link in any security chain, which is the kind of observation that sounds diplomatic and lands as something else entirely.

What happens next

Anthropic says it is investigating. The model remains in controlled rollout. The company that built its reputation on anticipating what could go wrong is now explaining what went wrong.

The model was too dangerous to release publicly. It was not, it turns out, too dangerous to find. Welcome to the next step.