Unauthorized Group Gains Access to Anthropic's Mythos AI Cyber Tool
A small group accessed Anthropic’s Mythos AI cybersecurity model without authorization via a third-party vendor.
Why it matters: This breach exposes vulnerabilities in the deployment of high-risk AI systems essential to legal cybersecurity. Legal tech and governance teams must reassess protocols as advanced models like Mythos become more widely tested and adopted.
- Unauthorized access to Anthropic's Mythos AI occurred on April 7, 2026.
- Intruders exploited credentials through a third-party contractor environment.
- Mythos can identify and exploit vulnerabilities in major operating systems and browsers.
- Anthropic is investigating and reports no impact on its internal systems so far.
Anthropic, a leading AI research lab, is probing reports of unauthorized third-party access to its sensitive Mythos AI model, a tool designed to detect and exploit cybersecurity flaws. The breach occurred on April 7, the same day Mythos was released for limited pilot testing by select firms.
- Unauthorized users gained access by leveraging credentials tied to a third-party contractor and employing standard investigative tools, according to multiple reports.
- An Anthropic spokesperson confirmed, "We're investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments."
- The group responsible indicated their motives were exploratory: "We are interested in playing around with new models, not wreaking havoc with them."
The incident further heightens concerns about the governance and security of AI models capable of revealing critical vulnerabilities in core digital infrastructure. Although Anthropic stresses that no internal systems appear compromised, the company is actively investigating the breach's scope.
With Mythos only available to a tightly controlled list of companies—including major players like Apple and Goldman Sachs—the breach underscores the difficulty of securing high-stakes AI tools even under restricted rollouts.
Legal professionals and compliance teams must intensify scrutiny around AI deployment and third-party partnerships, especially as sophisticated models come into broader legal and cybersecurity workflows.
By the numbers:
- April 7, 2026 — Date of the unauthorized access.
- 2 — Number of major companies named in the test group: Apple and Goldman Sachs.
- 1 — Third-party contractor environment leveraged for unauthorized access.
Yes, but: Details about how the unauthorized group used Mythos and the potential impacts of their activities remain unknown.
What's next: Anthropic’s ongoing investigation may reveal further details about the breach or prompt changes in access controls.