China Warns of Security Risks with Anthropic's AI Tool for Businesses
A Chinese government agency has sounded the alarm about a potential security threat to companies using an artificial intelligence tool developed by US-based company Anthropic. The warning comes as part of China’s ongoing efforts to monitor and manage the use of foreign-made AI tools within its borders.
The Ministry of Industry and Information Technology issued a statement on Wednesday, citing findings from its cybersecurity platform that identified a ‘back-door’ vulnerability in Anthropic’s Claude Code tool. This autonomous coding tool can allegedly send sensitive information to a remote server without user consent, potentially exposing users’ locations and identities.
According to the ministry, this security risk affects companies using specific versions of Claude Code, released between April 2 and June 29. Users are advised to uninstall or upgrade from affected versions, which include those labeled as 2.1.91 through 2.1.196. Anthropic’s website lists its latest version as 2.1.204.
The controversy surrounding Claude Code began earlier this month when Anthropic accused Alibaba of attempting to extract its AI capabilities, which are not officially available in China. While Alibaba did not comment on the allegations at the time, it has since ordered its employees to stop using Anthropic tools for work starting July 10.
China’s tech industry continues to grapple with the use and regulation of foreign-made AI tools, as evidenced by a recent statement from a Xiaomi AI developer who revealed that many locals in China have found ways to access US-based AI tools like Claude Code. This development highlights the ongoing challenges faced by Chinese companies seeking to balance innovation with cybersecurity concerns.