According to an alert published on the X platform on April 23 by 23pds, Chief Information Security Officer (CISO) at SlowMist, the hacking group ShinyHunters claims to have breached internal systems associated with the Anthropic Mythos model and has publicly shared screenshots as evidence, including a user management panel, an AI experiments dashboard, and analyses of model performance and costs; however, Anthropic has not yet issued an official statement.
SlowMist CISO Warns: Alleged Intrusion of Anthropic Systems
(Source: SlowMist)
According to 23pds’ post on X, the screenshots published by ShinyHunters cover a user management panel, an AI experiments dashboard, and data related to model performance and cost analysis. In the post, 23pds stated that given the large number of enterprises that have applied for trials of Anthropic-related services, once the intrusion is confirmed, leading technology companies and companies in the crypto industry may face indirect security risks.
As of April 23, Anthropic has not issued a public statement regarding this matter, and the authenticity of the claims remains to be confirmed by the official party.
Cybernews: ShinyHunters Issues Extortion Threats to Nine Major Brands
According to Cybernews’ report on April 21, ShinyHunters claims it has breached nine major brands and set a deadline: if the related extortion payment is not made by April 21, it will publish more than 9 million records containing personal identity information and internal data.
The brands reportedly affected include:
Zara: According to Cybernews, ShinyHunters claims it gained access to Zara’s BigQuery database instance by exploiting a vulnerability in Israeli AI analytics company Anodot. Zara’s parent company Inditex has confirmed in an official statement that the database was accessed without authorization, but it did not specifically name Anodot
7-Eleven: ShinyHunters claims its Salesforce environment was compromised, and more than 600k records are allegedly stolen
Carnival Group: ShinyHunters claims it stole more than 8.7 million records
According to Cybernews, the related vulnerability involving Anodot is also allegedly what led to the breach of Rockstar Games’ Snowflake environment.
Salesforce Environment Compromised: Involving Organizations and Data Scale
According to Cybernews, other organizations reportedly affected by the compromise of Salesforce systems include: global e-commerce company Pitney Bowes; the Canadian financial services firm Sun Life Financial (Sun Life); the ultra-luxury hotel group Aman Resorts; and commercial real estate brokerage Marcus & Millichap. According to Cybernews, after U.S. home security services provider Alert 360 refused to pay the ransom, ShinyHunters claims it has published the records of 2.5 million users of the company.
Frequently Asked Questions
Has news about ShinyHunters’ alleged intrusion of the Anthropic Mythos system been officially confirmed?
As of April 23, according to the X-platform alert from SlowMist CISO 23pds, Anthropic has not issued an official statement regarding the related claims, and the authenticity of the news has not yet been confirmed by Anthropic or any other official organization.
What official statement did Inditex release regarding the alleged intrusion of its Zara database?
According to Cybernews, Inditex has confirmed that its database was accessed without authorization, but in its official statement it did not specifically name Anodot, ShinyHunters, or any specific attacker.
Has ShinyHunters previously been recorded in any large-scale intrusion cases?
According to Cybernews’ report on April 21, ShinyHunters, during the same period, claimed to have compromised nine major brands including Zara, 7-Eleven, and Carnival Group. The extortion threats involved more than 9 million records of personal identity information. As of the time the report was published, detailed data on each company’s specific losses and legal responses had not been fully disclosed.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Google Jules Rebrands as End-to-End Agentic Product Development Platform, Opens Waitlist for New Version
Gate News message, April 23 — Google's Jules team announced the opening of a waitlist for a new version of the product, repositioning Jules from an asynchronous coding agent to an end-to-end agentic product development platform. According to the official description, the upgraded platform reads enti
GateNews19m ago
Perplexity Discloses Web Search Agent Post-Training Method; Qwen3.5-Based Model Outperforms GPT-5.4 on Accuracy and Cost
Perplexity uses SFT followed by RL with Qwen3.5 models, leveraging a multi-hop QA dataset and rubric checks to boost search accuracy and efficiency, achieving best-in-class FRAMES performance.
Abstract: Perplexity's post-training workflow for web-search agents combines supervised fine-tuning (SFT) to enforce instruction-following and language consistency with online reinforcement learning (RL) via the GRPO algorithm. The RL stage uses a proprietary multi-hop verifiable QA dataset and rubric-based conversational data to prevent SFT drift, with reward gating and within-group efficiency penalties. Evaluation shows Qwen3.5-397B-SFT-RL achieving top FRAMES performance, 57.3% accuracy with a single tool call and 73.9% with four calls at $0.02 per query, outperforming GPT-5.4 and Claude Sonnet 4.6 on these metrics. Pricing is API-based and excludes caching.
GateNews53m ago
TikTok Removes Over 538,000 AI-Generated Unauthorized Videos; Multiple Platforms Launch Governance Initiatives
Gate News message, April 23 — TikTok announced a comprehensive crackdown on AI-generated content that infringes on user rights, disclosing that it has removed over 538,000 videos and penalized more than 4,000 accounts to date. The platform will prioritize enforcement against AI deepfakes, voice
GateNews1h ago
Traditional Finance Will Accelerate Entry Into Crypto Market, Says Economist Fu Peng
Gate News message, April 23 — Fu Peng, chief economist of Xinfire Group, shared his outlook on the convergence of traditional finance and crypto assets during the 2026 Hong Kong Institutional Digital Wealth Management Summit. According to Fu, the integration of traditional financial institutions wit
GateNews1h ago
OpenAI Codex Team Fixes OpenClaw Authentication Bug, Significantly Improves Agent Behavior
OpenClaw switches from Pi to Codex harness to fix a silent authentication fallback, with two PRs addressing the bridge and fallback; post-fix, the agent shifts from shallow heartbeat polling to a full work loop, enabling progress.
Abstract: OpenClaw’s Codex harness optimization addressed a critical authentication flaw that caused silent fallback to the Pi harness when using Codex with OpenAI models. Two pull requests fix the authentication bridge and prevent silent fallback, changing the runtime adapter. As a result, agent behavior evolves from shallow heartbeat polling to a full work loop that reads context, analyzes tasks, edits repositories, and verifies progress, improving continuity and visibility across heartbeats.
GateNews1h ago
Anthropic weapon-grade cybersecurity model Mythos was accessed without authorization: how did they do it?
Bloomberg reported that a private forum group gained unauthorized access to Mythos through legally authorized use by a third-party contractor of Anthropic. Mythos is an enterprise-grade, defensive AI that is only available to large organizations that undergo rigorous review. The group used knowledge of the model URL to guess the system’s location to gain entry, and provided screenshot demonstrations, claiming it was still being used with no malicious intent. Anthropic is investigating and has preliminarily determined it was abuse of permissions rather than external intrusion. This case highlights the risk of entrusting highly sensitive models to third-party oversight, and underscores the need to strengthen governance resilience and trust mechanisms.
ChainNewsAbmedia2h ago
