Anthropic's Claude Code Leak Triggers Sweeping DMCA Response
Anthropic accidentally leaked Claude Code's source code and quickly invoked DMCA takedowns.
Why it matters: The incident spotlights critical intellectual property risks for AI developers, demonstrating the limits and broad impacts of copyright law in emergent tech. Legal and IP teams must assess the effectiveness of DMCA enforcement in the context of rapidly evolving AI products.
- On March 31, 2026, Anthropic exposed 512,000 lines of proprietary Claude Code source code.
- The leak revealed internal frameworks, architectures, and unreleased features to the public.
- Over 8,000 takedown requests were filed, unintentionally affecting 8,100 GitHub repositories—including legitimate forks.
- Anthropic confirmed no sensitive customer data or credentials were exposed in the leak.
Anthropic, a leading AI company, announced on March 31, 2026, that it had accidentally released the internal source code for Claude Code, one of its flagship AI products. This exposure, caused by a release packaging issue and attributed to human error, resulted in the leak of approximately 512,000 lines of TypeScript code across nearly 2,000 files.
- The incident made public Anthropic's proprietary frameworks, unreleased features, and internal performance metrics—offering competitors valuable insight into the company’s development roadmap (PC Gamer).
- In response, Anthropic rapidly issued more than 8,000 DMCA takedown requests, targeting GitHub repositories hosting or forking the leaked code.
- This legal maneuver had unintended consequences: around 8,100 repositories, including legitimate forks of the official Claude Code repo, were swept into the DMCA dragnet (Ars Technica).
- Anthropic emphasized no sensitive customer data or credentials were compromised, framing the issue as non-malicious and unrelated to a security breach.
This leak follows a high-profile $1.5 billion lawsuit settlement over training data usage, further highlighting IP risks in the AI sector (Wikipedia).
According to a company spokesperson: “Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach.”
Boris Cherny, Head of Claude Code, added, “This was not intentional, we've been working with GitHub to fix it. Should be better now.”
As legal analysis notes, the episode exposes broader challenges with copyright as a containment tool for trade secrets in open-source—or rapidly leaked—AI environments.
By the numbers:
- 512,000 lines — Size of Claude Code leaked in the incident
- 8,100 — GitHub repositories unintentionally hit by DMCA takedowns
- $2.5B ARR — Claude Code's annualized recurring revenue as of February 2026
Yes, but: The DMCA takedown effort also impacted legitimate open-source development, raising concerns about overreach and collateral damage.