Anthropic Claims Large-Scale Distillation Attacks on Claude Involved 24,000 Accounts and 16 Million Exchanges
Original: We’ve identified industrial-scale distillation attacks on our models by DeepSeek, Moonshot AI, and MiniMax. These labs created over 24,000 fraudulent accounts and generated over 16 million exchanges with Claude, extracting its capabilities to train and improve their own models. View original →
Anthropic said in an X post on February 23, 2026 that it had identified “industrial-scale distillation attacks” on its models by DeepSeek, Moonshot AI, and MiniMax. The company said the activity involved more than 24,000 fraudulent accounts and more than 16 million exchanges with Claude. That is a significant statement because it frames model-output extraction not merely as competitive pressure or ordinary misuse, but as a security and platform integrity problem.
In practical terms, distillation refers to using outputs from a stronger model to train or improve another model. Anthropic’s claim is that this happened at a scale large enough to require public disclosure. The X post did not provide a full methodology, raw logs, or detailed technical evidence, so the allegation should be understood as Anthropic’s public account of the incident rather than an independently verified finding. Even with that caveat, the numbers in the post are large enough to make the disclosure notable across the AI industry.
The policy implications are substantial. If frontier labs believe large-scale output extraction is occurring through fraudulent or coordinated account networks, they are likely to invest more heavily in anomaly detection, account verification, usage controls, and contractual enforcement. That could raise friction for legitimate developers as well, especially those running large automated workloads or cross-region infrastructure.
The broader significance is that labs are starting to treat model theft and model imitation as operational security issues, not just legal or competitive ones. Anthropic’s X statement is short, but it signals a harder line on API abuse and a more adversarial environment around frontier model capabilities. Even without a longer technical report, the disclosure adds weight to the view that access control has become a core part of the model business.
Related Articles
OpenAI announced plans to acquire Promptfoo on March 9, 2026. The company says Promptfoo’s security testing and evaluation technology will be integrated into OpenAI Frontier so enterprises can test and document risks such as prompt injection, jailbreaks, data leaks, and tool misuse earlier in the development cycle.
AnthropicAI highlighted an Engineering Blog post on March 24, 2026 about using a multi-agent harness to keep Claude productive across frontend and long-running software engineering tasks. The underlying Anthropic post explains how initializer agents, incremental coding sessions, progress logs, structured feature lists, and browser-based testing can reduce context-window drift and premature task completion.
Anthropic said on March 24, 2026 that a new Anthropic Economic Index update shows longer-term Claude users iterating more carefully, giving the model less full autonomy, attempting higher-value tasks, and receiving more successful responses. In related Economic Index posts on its X timeline, Anthropic also said the top 10 tasks now account for 19% of consumer conversations, down from 24%, while personal queries rise and U.S. adoption rates continue to converge.
Comments (0)
No comments yet. Be the first to comment!