Anthropic Clients Face Data Leak Following Subcontractor Error
Anthropic Clients Face Data Leak Following Subcontractor Error: Founded in 2021 by siblings Daniela and Dario Amodei, former OpenAI employees, and later joined by ex-colleagues from the startup, Anthropic is now a leading player in generative AI, posing a serious competition to OpenAI. Unfortunately, due to an error from one of its subcontractors, the company has fallen victim to a data leak.
Anthropic's goal is to enhance the reliability, controllability, and interpretability of systems through constitutional AI. This approach trains language model models to instill specific values and principles into AI systems.
The startup, which unveiled Claude 2 in July 2023 and introduced Claude Instant 1.2, available for businesses via its API the following month, launched the paid package Claude Pro last September. Valued at over $18 billion, Anthropic has earned the trust of major companies such as Google, Amazon, Salesforce, and the German software provider SAP.
Upon discovering a data leak caused by one of its service providers inadvertently sharing a file containing information about its clients with a third party (a subset of client names and open credit balances from 2023), the company promptly notified the affected clients, as evident in the leaked email reported by Windowsreport:
Important Alert Regarding Your Account.
We wanted to inform you that one of our subcontractors inadvertently transmitted information about Anthropic's client accounts to a third party. The information included your account name as stored in our systems and client account details as of December 31, 2023—indicating that you were a client with open credit balances at the year-end. This information did not include sensitive personal data, including banking or payment information, or prompts/outputs. Based on our investigation to date, the subcontractor's actions were an isolated error that did not result from a breach of any of our systems and did not lead to any breaches. We are also not aware of any malicious behavior resulting from this disclosure.
While this data is not sensitive, the company has urged its clients to exercise caution, especially if contacted purportedly by Anthropic for a payment request or a change in payment instructions, and above all, not to disclose their credentials or passwords.
Even though this data leak is not linked to its internal AI systems but rather a human error, as is often the case, Anthropic will need to double its efforts to restore its clients' trust and implement enhanced security measures to prevent such leaks in the future. This is especially crucial given that one of the primary barriers to the adoption of generative AIs by businesses is the violation of their proprietary data.