China warns of ‘security backdoor’ in Anthropic’s Claude Code
China’s cybersecurity regulator has warned that Anthropic’s Claude Code contains a ‘security backdoor’ that could transmit user data without consent. The tool’s engineer said the feature was an anti-abuse experiment and would be rolled back.

BEIJING: China’s National Vulnerability Database (NVDB), a cybersecurity platform linked to the Ministry of Industry and Information Technology, warned on Wednesday that versions of Anthropic’s AI coding tool Claude Code contained what it described as a security backdoor that could put users at risk.
According to the NVDB, the alleged issue could enable the software to send sensitive data — including location details and identity-related identifiers — back to Anthropic’s servers without the consent of users. The regulator said on its website that it had recently found that the tool posed serious risks and advised users and institutions to act quickly.
Claude Code is an AI coding agent developed by the San Francisco-based startup Anthropic. It can write code, debug software and review programming work based on prompts from users. Although Anthropic blocks access to its products in China and in other countries it considers adversarial, the tools can still be used there through virtual private networks or third-party proxy services.
Chinese regulator urges checks and updates
The NVDB told relevant organisations and users to immediately conduct a full inspection of their systems and to remove the affected versions or install a newer secure release in which the backdoor-related code had been eliminated. It also called on organisations to tighten network traffic monitoring to guard against unauthorised disclosure of sensitive information.
The allegations surfaced in specialist technology media last week. AFP reported that Anthropic did not respond to its requests for comment on the claims.
Alibaba move and Anthropic response
Separately, people familiar with the matter said Chinese technology giant Alibaba informed employees last week that Claude Code would be banned from July 10 because of security concerns.
Anthropic has previously accused Alibaba of reverse-engineering its AI models to reproduce their capabilities through a process known as distillation.
Claude Code engineer Thariq Shihipar addressed the controversy in a post on X last week, responding to reports that the tool had been tracking certain data from users in China.
“This is an experiment we launched in March that was meant to prevent account abuse from unauthorised resellers and protect against distillation,” Shihipar wrote.
“The team has landed stronger mitigations since then and we’ve actually been meaning to take this down for a while… this should be fully rolled back in tomorrow’s release”, he added.
Comments
No comments yet. Be the first to join the discussion!








