Unauthorized Access to Anthropic’s Claude “Mythos” Model via Third‑Party Contractor Highlights AI Supply‑Chain Risk
What Happened – On the day Anthropic announced its controlled‑release Claude Mythos model, a threat actor guessed the endpoint naming convention and accessed the model through credentials belonging to a contractor of a third‑party vendor. The breach did not stem from a flaw in Anthropic’s core infrastructure but from the contractor’s environment.
Why It Matters for TPRM –
- AI model releases create a large, semi‑public attack surface that extends to every vendor and their subcontractors.
- Credential compromise in a supply‑chain partner can give adversaries direct access to high‑value intellectual property without breaking the primary provider’s perimeter.
- State‑backed actors (e.g., North Korea’s Lazarus group) can monetize stolen AI capabilities to accelerate illicit cryptocurrency operations that fund weapons programs.
Who Is Affected – Companies that integrate Anthropic’s API, AI‑focused SaaS platforms, and any organization that relies on third‑party contractors for AI model deployment.
Recommended Actions –
- Review all contracts and NDAs with AI vendors to ensure they mandate strict subcontractor vetting and continuous monitoring.
- Enforce MFA and least‑privilege access for all contractor accounts that can reach AI endpoints.
- Conduct regular supply‑chain penetration tests that include simulated credential theft of vendor personnel.
Technical Notes – The attack vector was a compromised contractor credential (likely obtained via phishing or credential reuse). No public CVE was involved; the exposure was a supply‑chain credential compromise. Data accessed included the proprietary Claude Mythos model and any prompts submitted during the session.
Source: Recorded Future – Lazarus Doesn’t Need AGI