China warns of security flaw in Anthropic's Claude Code
China’s Ministry of Industry and Information Technology has warned of a 'back-door' security flaw in Anthropic’s Claude Code, specifically affecting versions 2.1.91 through 2.1.196 released between April 2 and June 29. The ministry advises users to uninstall or upgrade due to risks of sensitive data transmission to external servers without consent. Anthropic contends the 'backdoor' was a test to prevent AI distillation and maintains policies barring use by China-majority-owned entities, while facing separate regulatory challenges in the U.S. regarding military use and foreign access.

*this image is generated using AI for illustrative purposes only.
China’s Ministry of Industry and Information Technology issued a warning about a security flaw in Anthropic’s Claude Code, identifying a 'back-door' weakness that could expose users to data risks. The ministry’s platform reported that affected releases of the AI coding assistant might transmit sensitive data, such as user location and identity, to an external server without user consent. This disclosure highlights significant vulnerabilities in versions of the software widely used by developers to automate tasks and analyze codebases.
The notice specifically pinpointed Claude Code versions 2.1.91 through 2.1.196 as the impacted range. According to version information on Anthropic’s website, these builds correspond to releases spanning April 2 through June 29. Consequently, the ministry has advised users within its jurisdiction to either uninstall the software immediately or upgrade to a secure version to mitigate potential data breaches.
In response to the allegations, Anthropic stated that the 'backdoor' referenced by Chinese officials was actually a test conducted earlier in the year. The company explained that this test was aimed at preventing the distillation of its AI capabilities. Furthermore, Anthropic emphasized that its corporate policies strictly bar the use of its tools by organizations that are majority owned by entities headquartered in China.
The warning emerges amid heightened scrutiny regarding access to U.S. AI tools within China. Despite the product not being officially offered in the region, some developers have continued to utilize Claude Code. Last month, Chinese technology giant Alibaba barred employees from using the tool at work following scrutiny over features that could identify China-linked users. This move came after Anthropic accused Alibaba of improperly extracting capabilities from its Claude AI models.
| Detail | Information |
|---|---|
| Affected Versions | 2.1.91 through 2.1.196 |
| Release Date Range | April 2 through June 29 |
| Risk Identified | Data transmission to external server |
| Data at Risk | Location, identity |
| Advisory | Uninstall or upgrade |
Separately, the landscape for Anthropic remains complex as regulatory pressures mount in the United States. The Pentagon previously designated the AI startup a 'supply-chain risk' after it refused to relax restrictions on the military use of its models for autonomous weapons and domestic surveillance. Anthropic has since sued, alleging unlawful retaliation and violations of free-speech rights. Additionally, last month the company disabled access to Fable 5 and Mythos 5 systems following a U.S. government order to prevent foreign nationals from using them.
How will this security warning impact the adoption of Anthropic's tools by developers in other regions facing similar regulatory scrutiny?
Will Anthropic's explanation of the 'backdoor' as a defensive test satisfy international regulators or trigger broader investigations into data privacy practices?
Could the escalating tensions between Anthropic and Chinese tech giants like Alibaba lead to a formal bifurcation of the global AI development ecosystem?






























