Third-party contractor leaks Anthropic account info just one day after the FTC investigation
2 min. read
Published on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Recently, all Anthropic clients received a letter warning them about an impending data breach, so if you’ve got the letter, be careful what you click on next.
Apparently, one of their contractors misdirected some account information from Anthropic to a third party, and one can only asume that the so-called third-party was or still using the information for gain.
Is the Anthropic breach linked to the FTC investigation?
Yesterday, the Federal Trade Commission announced that it requested five companies, including Anthropic PBC, to provide information about their investments and partnerships around generative AI companies and major cloud service providers.
The order was also issued to Alphabet, Amazon, Microsoft, and OpenAI, but we also know that Google and Amazon invested in Anthropic so they have pretty strong business connections in the AI landscape.
We don’t have any reasons to believe that the Anthropic data breach is connected to this investigation but when tension arises, mistakes appear.
According to the letter sent by Anthropic, it states that the leak involves information included in the account name and accounts receivable information as of December 31, 2023.
The data leaked basically said that you were a customer with open credit balances at the end of the year.
This information did not include sensitive personal data, including banking or payment information, or prompts/outputs. Based on our investigation to date, the contractor’s actions were an isolated error that didn’t arise from or result in any of our systems being breached. We also aren’t aware of any malicious behavior arising out of this disclosure.
How to avoid any issues?
Although, according to Anthropic, the leak didn’t involve any sensitive data, they advise all their customers to be on alert for any suspicious communication comming from them.
In other words, don’t click on any suspicious links in your email, don’t respond to any credentials or password requests, and verify any contacts that may appear linked to Anthropic.
Of course, don’t send any bank account or credit card information because Anthropic wouldn’t ask for any such details.
This might be just a drop in the ocean or become a very big data loss concern so, if you’re an Anthopic client, we also advise you to be on high alert.
User forum
0 messages