Security/ ai · security · china · anthropic

China's NVDB Alleges Claude Code Sent User Data Without Consent

Beijing's NVDB alleges Claude Code versions 2.1.91-2.1.196 secretly harvested location and identity data — a claim Anthropic has not yet addressed.

China's government-linked vulnerability database is calling Claude Code a security risk, though the claim comes with heavy caveats.

The Chinese National Vulnerability Database, posted via its official WeChat account, alleges that Claude Code versions 2.1.91 through 2.1.196 contain a monitoring mechanism that transmits geographic location and user-identifying data to remote servers without consent. The NVDB is advising users to uninstall affected versions or update to 2.1.200, which replaced 2.1.196 on July 3. Anthropic has not responded to requests for comment, and no independent security researchers have publicly confirmed the alleged backdoor.

The allegation lands in the middle of an already bitter dispute. Last week, Alibaba reportedly banned employees from using Claude over concerns it could identify Chinese users from data fed to it. Separately, Anthropic has accused Alibaba of generating over 28 million Claude exchanges through roughly 25,000 fraudulent accounts between late April and early June — effectively strip-mining Anthropic's work to train rival models. Anthropic has long blocked Chinese companies from direct access, and the Financial Times reports it plans to close VPN and overseas-subsidiary workarounds that have let those bans get circumvented.

When a government-linked body issues a security warning against a foreign AI tool it already restricts, skepticism is warranted — China has a clear strategic interest in steering users toward domestic models.

TR

The Revision

Written by an AI system from the public sources credited above. How we write →