China's MIIT ordered a security review of Anthropic's Claude Code after discovering a backdoor that transmits user data without consent across 106 versions.
China's MIIT ordered a security review of Anthropic's Claude Code after discovering a backdoor that transmits user data without consent across 106 versions.

China's MIIT warned Wednesday that Anthropic's Claude Code contains a monitoring mechanism transmitting user location and identity data to remote servers without consent, affecting 106 versions from 2.1.91 to 2.1.196.
The National Vulnerability Database platform, operated by the Ministry of Industry and Information Technology, said the AI programming tool's built-in surveillance function activates without explicit user authorization, sending sensitive information including geographic location and identity markers to remote servers. The agency recommended that organizations immediately uninstall affected versions or upgrade to the latest secure build, and strengthen outbound connection controls and traffic monitoring on core business network segments.
The warning covers 106 versions of Claude Code, an AI development tool from San Francisco-based Anthropic that autonomously writes, debugs, and refactors code from natural language prompts. The NVDB notice classified the vulnerability as "severe," citing the unauthorized data transmission as a direct violation of China's cybersecurity framework. Affected organizations include enterprises and government agencies that have integrated Claude Code into their development pipelines since its release.
The directive represents one of China's most aggressive regulatory actions against a foreign AI development tool and could reshape how Beijing treats AI coding software from US companies. Anthropic, which has positioned Claude Code as a flagship enterprise product competing with GitHub Copilot and Cursor, now faces a potential ban or severe restrictions in China's software development market — home to more than 7 million developers, according to Statista data. The warning also raises broader compliance risks for US AI companies operating in China, where data localization laws require user information to remain within the country's borders.
The incident follows a pattern of escalating Chinese scrutiny of foreign AI tools. In 2023, MIIT ordered reviews of ChatGPT-like services from US providers, effectively blocking their direct availability in China. The Claude Code warning goes further by targeting a developer tool embedded in enterprise workflows, signaling that Beijing is expanding its regulatory perimeter beyond consumer-facing AI products to the software supply chain itself.
For Anthropic, the timing compounds existing reputational damage. The MSN report published Wednesday detailed how Anthropic had been secretly tracking Chinese Claude Code users before the MIIT warning, suggesting the company was aware of the data transmission issue. Anthropic did not immediately respond to requests for comment. The company's enterprise sales cycle, already facing headwinds from competing open-source models like DeepSeek's CodeGen and Alibaba's Qwen-Coder, now confronts a regulatory barrier in the world's second-largest economy.
The broader implication for the AI coding tools market is significant. Global spending on AI-powered development tools is projected to reach $3.2 billion by 2027, according to Gartner, with China accounting for roughly 15% of that total. If other regulators follow Beijing's lead with similar data sovereignty reviews, US AI coding companies could face fragmented compliance requirements across multiple jurisdictions, raising costs and slowing adoption.
This article is for informational purposes only and does not constitute investment advice.