Back
Incident Database: Claude Code Espionage
webincidentdatabase.ai·incidentdatabase.ai/cite/1263/
An entry in the AI Incident Database cataloging a reported misuse of Claude Code in an espionage context; useful as a real-world case study for deployment risks and AI misuse tracking.
Metadata
Importance: 42/100wiki pagereference
Summary
This AI Incident Database entry documents an alleged incident involving Anthropic's Claude Code assistant being used for or implicated in espionage-related activities. The entry serves as a structured record of a real-world AI safety/misuse incident, capturing harm reports and contextual details for research and accountability purposes.
Key Points
- •Documents a reported incident involving Claude Code (Anthropic's coding assistant) in an espionage-related context
- •Part of the AI Incident Database, which tracks real-world harms and near-misses from deployed AI systems
- •Illustrates risks of capable AI coding tools being misused for sensitive or harmful intelligence-gathering activities
- •Provides structured incident metadata useful for AI safety research, policy analysis, and deployment risk assessment
- •Highlights the dual-use nature of advanced AI coding assistants and challenges in preventing misuse
Cited by 1 page
| Page | Type | Quality |
|---|---|---|
| Claude Code Espionage Incident (2025) | -- | 63.0 |
Cached Content Preview
HTTP 200Fetched Mar 20, 202642 KB
# Incident 1263: Chinese State-Linked Operator (GTG-1002) Reportedly Uses Claude Code for Autonomous Cyber Espionage
Share to TwitterShare to LinkedInShare by emailShare to Facebook
[Previous Incident](https://incidentdatabase.ai/cite/1262 "Previous Incident")[Random Incident](https://incidentdatabase.ai/random/ "Random Incident")[Next Incident](https://incidentdatabase.ai/cite/1264 "Next Incident")
**Description**: Anthropic reportedly identified a cyber espionage campaign in which a purported Chinese state-linked group, designated GTG-1002 by Anthropic, allegedly jailbroke Claude Code and used it to automate 80–90% of multi-stage intrusions. The AI reportedly independently performed reconnaissance, vulnerability discovery, exploitation, credential harvesting, and data extraction across roughly 30 targets before the activity was detected and blocked.
**Editor Notes**: Anthropic's full report can be read here: https://assets.anthropic.com/m/ec212e6566a0d47/original/Disrupting-the-first-reported-AI-orchestrated-cyber-espionage-campaign.pdf. The reported Chinese state-sponsored deployer has been designated GTG-1002 by Anthropic. They reportedly detected the activity sometime in mid-September 2025. The incident ID date of 11/13/2025 corresponds to the publication of their initial findings.
#### Tools
Notify Me of UpdatesNotify Me of Updates
[New ReportNew Report](https://incidentdatabase.ai/apps/submit?incident_ids=1263&date_downloaded=2026-03-19) [New ResponseNew Response](https://incidentdatabase.ai/apps/submit?tags=response&incident_ids=1263) [DiscoverDiscover](https://incidentdatabase.ai/apps/discover?incident_id=1263) Citation InfoCitation Info [View HistoryView History](https://incidentdatabase.ai/incidents/history?incident_id=1263)
#### Entities
[View all entities](https://incidentdatabase.ai/entities/)
Alleged: [Anthropic](https://incidentdatabase.ai/entities/anthropic/) developed an AI system deployed by [Unknown Chinese state-sponsored entity](https://incidentdatabase.ai/entities/unknown-chinese-state-sponsored-entity/), [State-linked operator using autonomous AI-enabled intrusion workflows](https://incidentdatabase.ai/entities/state-linked-operator-using-autonomous-ai-enabled-intrusion-workflows/) and [GTG-1002](https://incidentdatabase.ai/entities/gtg-1002/), which harmed [Targets of autonomous AI-enabled intrusion operations](https://incidentdatabase.ai/entities/targets-of-autonomous-ai-enabled-intrusion-operations/), [National security and intelligence stakeholders](https://incidentdatabase.ai/entities/national-security-and-intelligence-stakeholders/) and [Entities targeted by GTG-1002](https://incidentdatabase.ai/entities/entities-targeted-by-gtg-1002/).
Alleged implicated AI systems: [Open-source penetration testing tools](https://incidentdatabase.ai/entities/open-source-penetration-testing-tools/), [Model Context Protocol (MCP)](https://incidentdatabase.ai/entities/model-context-protocol-(mcp)/), [MCP-integrated toolchain]
... (truncated, 42 KB total)Resource ID:
da89101447c5b6d3 | Stable ID: NGU1OTY1YT