US artificial intelligence company Anthropic said users in China were never authorised to use its Claude Code product, responding after Beijing warned of security backdoor risks.
A cybersecurity platform managed by China’s Ministry of Industry and Information Technology said on Wednesday that Anthropic’s agentic coding tool poses “a serious threat” to Chinese users. According to a post on the WeChat account of China’s National Vulnerability Database, Claude Code’s “built-in monitoring mechanism” means that sensitive user information could be sent to a remote server without the user’s consent.
The warning applied to Claude Code versions 2.1.91 to 2.1.196, which span a period from April to late June. The post recommended that developers uninstall or upgrade to the latest secure version that has removed the relevant backdoor code.
Anthropic confirmed last week that it had embedded hidden code in Claude Code to track user locations in an attempt to stop illicit “distillation” of its models. The company has released newer versions since then and noted that users in China were never authorised to use the product.