Anthropic Says Unauthorized Users Accessed Mythos Through Third-Party Vendor

The company is investigating how a Discord-connected group reached the unreleased cybersecurity model on April 7, even as Mozilla credits Mythos with finding 271 bugs in Firefox 150

Anthropic said a small group of unauthorized users reached Claude Mythos Preview, the unreleased cybersecurity model the company has called too dangerous to release publicly, through a third-party vendor environment on April 7, according to a statement it provided to Bloomberg and relayed Tuesday by The Verge. April 7 is also the day Anthropic announced it was sending Mythos to a limited set of corporate partners for testing.

The breach puts a concrete incident behind warnings raised at last week's International Monetary Fund meetings in Washington, where finance ministers and central bankers from Japan, Australia, New Zealand and India pressed Anthropic over the model's capacity to find and exploit vulnerabilities at scale. Official access remains limited to a handful of Project Glasswing partners, including Nvidia, Google, Amazon Web Services, Apple and Microsoft.

How the access happened

The Verge, citing Bloomberg, reported that members of a private online forum gained entry using a contractor's credentials and "commonly used internet sleuthing tools." The group, which Bloomberg said operates in a Discord channel that tracks unreleased AI models, used knowledge of Anthropic's earlier model formats obtained from a recent Mercor data breach to make "an educated guess" about where Mythos was hosted. Members have continued to use the model since, supplying Bloomberg with screenshots and a live demonstration, and Bloomberg reported they avoided cybersecurity tasks to evade detection. Other unreleased Anthropic models were also accessed, according to Bloomberg.

"We're investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments," an Anthropic spokesperson told Bloomberg. The company said it has no evidence the access has reached its own systems or extends beyond the vendor.

The defender case

The incident lands the same week Mozilla said it used Mythos to pre-identify 271 security vulnerabilities in Firefox 150, released this week. Firefox Chief Technology Officer Bobby Holley wrote in a Mozilla blog post that the model is "every bit as capable" as elite human security researchers and that, with it in defenders' hands, "defenders finally have a chance to win, decisively." Anthropic's prior Opus 4.6 model found 22 security-sensitive bugs in Firefox 148 last month, Holley noted; Mythos found more than 12 times as many one version later.

What is unclear

Anthropic had not publicly named the vendor, disclosed how long the access went undetected before Bloomberg's inquiry, or said whether it has revoked the contractor's credentials. The company had not responded to further press inquiries by press time, and the group behind the access has not spoken on the record beyond the single contractor quoted by Bloomberg. No account from the unauthorized users or the affected vendor was available.

Central banks in Tokyo, Sydney, Wellington and Mumbai are continuing to monitor the model's exposure for financial-system risk, and the U.S. Treasury has urged large banks to test their defenses before any broader Mythos release. Anthropic has said it still has no plans to release the model publicly.