Chinese regulator cautions firms from using Claude after suspicious "backdoor" identified
A cybersecurity platform operated by China's industry ministry has issued a warning this week after it identified a serious security "backdoor" risk in Anthropic's AI coding tool, Claude Code.
The National Vulnerability Database of China posted a statement on its WeChat account on July 8, reporting that Claude Code contains a built-in monitoring mechanism capable of transmitting sensitive information, including users' geographic location and identity-related identifiers, to remote servers without users' consent.
According to their findings, this applies to Claude Code versions 2.1.91 through 2.1.196. The database advised that organizations and users should immediately review affected systems and either uninstall the impacted versions or upgrade to the latest secure release in which the alleged backdoor code has been removed.
The Chinese agency also urged organizations to tighten controls on external network access for development tools and strengthen traffic monitoring on core business networks to prevent the unauthorized transfer of sensitive data.
China's tech giant Alibaba has already banned employees from using Claude Code at work after the tool drew scrutiny for features that can help identify China-linked users.
Developer Anthropic responded to this stance by arguing that what the Chinese authorities described as a "backdoor" was an experimental anti-abuse mechanism, and that access to Claude was not permitted in China.
By Nazrin Sadigova







