Anthropic investigates unauthorized Mythos access by Discord group



Anthropic has opened an investigation after discovering that a small group of Discord users gained unauthorized access to the AI company’s powerful new Mythos model, Bloomberg reported on Tuesday.

Updated – April 22nd, 10:30 p.m. ET: A ShinyHunters impersonator has since taken credit for the unauthorized access, circulating AI-fabricated screenshots as proof – but those claims have been dismissed by researchers.


The “small group of unauthorized users” was said to have accessed the advanced Mythos AI model the same day Anthropic began rolling out a preview of the model to a limited group of approved companies for testing in late February.

“We’re investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments,” Anthropic said in a statement.


With the model publicly introduced on April 7th, the incident is raising fresh concerns over how tightly the high-end cybersecurity tool is being controlled.

“I think the interesting thing is that everyone is going to focus on the headlines: ‘AI tool capable of cyberattacks falls into the wrong hands,’” says Gabrielle Hempel, Security Operations Strategist at Exabeam.

“The real problem, however, is that this model was never supposed to be broadly accessible, it was intentionally restricted to a small set of orgs due to dual-use risk, and it still leaked almost immediately due to a contractor environment.”


Anthropic has touted its Claude Mythos Preview model as “so powerful that it could enable dangerous cyberattacks,” according to a person familiar with the matter and documentation reviewed by the media outlet.

The San Francisco-based company said there was no evidence that the unauthorized access impacted any of Anthropic’s systems or went beyond the third-party vendor’s environment, Bloomberg reported.

Still, Anthropic has not publicly confirmed the full scope of the incident, and it remains unclear whether any vulnerabilities were identified or exploited by the unauthorized users.


Meanwhile, rumors that ShinyHunters were the unnamed users behind the unauthorized access began to circulate on social media Wednesday.

The impostors began sharing screenshots of what seemed to be a Mythos dashboard, complete with user management panels, AI experiment dashboards, and model performance & cost analytics, according to a post by Dark Web Intelligence on X.

“At this stage, authenticity is unverified — but if confirmed, this would be a major escalation,” they said.

Fake Mythos dashboard screenshot. Image via X/DailyDarkWeb

But despite the appearance of having full access to Anthropic’s AI model, those rumors were quickly debunked as AI slop by several industry insiders.


Security researcher Dominic Alvieri posted a screenshot of the claim, describing the blurred image as originating “from a fake TG Shiny and fake BS AI generated Mythos panel samples.”

“Claude Mythos was not breached by ShinyHunters,” he said, adding that “attribution and clarification isn’t always this easy.”

Access traced to private online group

The illicit users were said to be part of a private Discord forum that managed to gain entry despite the model being restricted to select organizations under the newly launched Project Glasswing initiative.

Project Glasswing – limited to 40 technology and infrastructure organizations, including Amazon, Google, Microsoft, Apple, and Cisco – has granted those companies permission to test Mythos’ extraordinary vulnerability-detection mechanisms and autonomous security patching on their own systems.

Project Glasswing aims to secure critical software. Jonathan Raa/NurPhoto via Getty Images

According to the person familiar with the matter, the users “relied on a mix of tactics” to break into the system, but there was no direct breach of Anthropic’s core systems.

The Discord channel at the center of the incident appears focused on digging up information about unreleased models, often using bots to scour sites like GitHub for details shared by AI companies and industry insiders.

One method of access was via a single worker at the unnamed third-party contractor used by Anthropic, while another tactic included “trying commonly used internet sleuthing tools often employed by cybersecurity researchers,” the person told Bloomberg.

Discord group accessed Mythos without authorization. Image by Thrive Studios ID | Shutterstock

Hempel points out that “while everyone seems focused on securing against sophisticated nation-state actors, we’ve increasingly seen third-party access paths becoming the weakest link.”

“Any time you build a high-capability system and expose it even to a semi-distributed environment (partners, contractors, ‘trusted’ ecosystems), you’re expanding your attack surface beyond what you can realistically control,” Hempel explains.

Built to find and exploit vulnerabilities

The Mythos rollout has already drawn scrutiny from regulators and policymakers, after internal testing (and external evaluations) have shown the model can uncover serious flaws in operating systems, browsers, and other foundational software.

This has triggered warnings across the board that the frontier model could be misused to accelerate cyberattacks or expose critical weaknesses in widely used systems.

Some of the major tech companies testing out Mythos under Project Glasswing. Image by Anthropic

Steve Povolny, Vice President of AI Strategy & Security Research at Exabeam, warns, “The reality is, Pandora is out of the box.”

“If it was as relatively easy as it sounds to gain access to the world's most talked-about security model, it’s very likely a much larger group will have access to Mythos far sooner than originally intended,” Povolny says.

Anthropic itself has categorized Mythos as being “too dangerous” for public consumption, and the model has sparked fears after its preview uncovered "thousands" of major vulnerabilities and zero days in "every major operating system and web browser."


Security experts are also warning that the advanced AI tool – capable of autonomously identifying and exploiting vulnerabilities within just a matter of hours – could easily outpace existing cybersecurity defenses.

Anthropic has been slowly expanding its availability to not only select corporate entities but also government users, including financial institutions and US federal agencies, prompting the Trump administration to call a meeting with Anthropic CEO Dario Amodei last Friday to discuss the White House blacklisting of the AI start-up.

Anthropic’s Claude Mythos Preview model is designed to identify software vulnerabilities. Image by gguy | Shutterstock.

And earlier on Tuesday, financial regulators across Australia and South Korea raised concerns about the AI model, arguing it could destabilize entire banking systems, joining earlier warnings from regulators in several EU nations.

Povolny says the next question is whether researchers or adversaries will be able to leverage the tech more effectively to reduce cyber risk.

“Will we see widespread exploitation or widespread discovery and patching first? Or will this be another DeepSeek moment? Overreactions or underwhelming impact?” he asks, adding “either way, should be interesting to watch this unfold.”
