Anthropic Confirms Advanced AI Model Claude Mythos Following Data Security Incident

Anthropic officially confirmed the existence and testing of its advanced artificial intelligence model, Claude Mythos, on March 27, 2026. The confirmation followed an accidental data exposure where nearly 3,000 unpublished assets, including internal documents and draft blog posts, became publicly searchable via an unsecured data cache. Fortune initially reported the disclosure, which offered an elevated view into the company's development pipeline, prompting Anthropic to immediately restrict access to the repository.

The security lapse originated from a configuration error within Anthropic's content management system, which defaulted uploaded material to public visibility unless explicitly marked as private, an issue the company attributed to human error. The leaked materials detailed Claude Mythos as a model achieving significantly higher scores than the then-flagship Claude Opus 4.6 across critical domains, including software programming, academic reasoning, and cybersecurity. Internal drafts also suggested a dual naming convention, referring to the model internally as Capybara, positioning it as a new, more capable, and more expensive tier above the existing Opus, Sonnet, and Haiku offerings.

Cybersecurity researcher Alexandre Pauwels of the University of Cambridge and Roy Paz, Senior AI Security Researcher at LayerX Security, independently analyzed the exposed data. The documents contained explicit warnings regarding the cybersecurity risks associated with Claude Mythos, describing its potential to exploit system vulnerabilities at a scale that could surpass current defensive measures. This assessment highlights the dual-use nature of such powerful technology, where superior offensive cyber capabilities emerge as a byproduct of advanced general intelligence.

In response to the risk profile detailed in the drafts, Anthropic concluded that a highly cautious rollout strategy is necessary for Claude Mythos. The plan involves initially restricting access exclusively to organizations dedicated to cyber defense, allowing them a preparatory period to harden systems against potential future exploits from models of this capability level. This cautious approach follows Anthropic's recent product cycle, which included the release of Claude Opus 4.6 and Sonnet 4.6 in February 2026, with Opus 4.6 featuring a one million token context window.

The incident contextualizes Anthropic CEO Dario Amodei's January 2026 essay, "The Adolescence of Technology," where he mapped critical risks of powerful AI, including economic disruption and misuse. The market reaction to the leak was immediate; on March 27, 2026, US cybersecurity stocks experienced a downturn, reflecting investor concerns over the model's reported capabilities outpacing existing defenses. CrowdStrike shares fell by 5.4%, Palo Alto Networks dropped 5.5%, and Zscaler declined 5.6% by 1515 GMT, illustrating the tension between innovation and systemic risk for established security infrastructure.