Boris Cherny, creator of Anthropic’s Claude Code tool, has revealed the cause of a leak that saw 500,000+ lines of source code exposed online.
In a post on X, Cherny said “mistakes happen” amid reports the leak was an accident on the part of an Anthropic employee.
“As a team, the important thing is to recognize it’s never an individual’s fault - it’s the process, the culture, or the infra,” he said.
In this instance, Cherny noted there was a “manual deploy step that should have been better automated”.
“Our team has made a few improvements to the automation for next time, a couple more on the way,” he added.
The leak marks the second for the AI provider in the space of a week. Reports from Fortune on 26 March revealed information pertaining to an upcoming AI model launch were found in a publicly accessible data cache.
Files reviewed by Fortune showed the company is working on a new model, dubbed ‘Claude Mythos’, which a spokesperson said represents a “step change” in capability and could pose cybersecurity risks.
What happened with the Claude Code leak?
Reports of a potential leak first emerged online on Tuesday 31 March, with security researcher Chaofan Shou claiming that source code was leaked through a map file in the company’s npm registry.
The leak prompted a flurry of activity online, with data backed up to a GitHub repository that was forked thousands of times, per reports from Techradar.
A Cloudflare storage bucket is believed to have contained 1,900 TypeScript files with upwards of 500,000 lines of code, as well as details on built-in tools and slash command libraries.
Anthropic has confirmed the incident and attributed the leak to human error, corroborating Cherny’s comments that steps have been taken to prevent a similar situation in future.
“No sensitive customer data or credentials were involved or exposed,” a spokesperson told CNBC.
“This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.”
ITPro approached Anthropic for comment, but did not receive a response by time of publication.
Claude Code has rapidly become one of Anthropic’s most popular tools since launching, helping automate code generation tasks for software developers.
Figures touted in the wake of a recent funding round for Anthropic show Claude Code’s run-rate revenue has reached more than $2.5 billion. While exact figures on user numbers are unclear, active weekly users are believed to have doubled since 1st January amid soaring popularity.
Indeed, recent analysis from Techcrunch found the tool - along with Claude Cowork - are now massive drivers of paid subscriptions at the firm.
FOLLOW US ON SOCIAL MEDIA
Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
Apple turns 50: ITPro's favorite devices
Everest Group taps Ross Tisnovsky to lead CIO practice expansion
