28.8 million exchanges.
25,000 fake accounts.
6 weeks of systematic extraction.
Anthropic just sent a letter to the Senate Banking Committee accusing Alibaba's Qwen division of running a coordinated campaign to steal Claude's most valuable capabilities — software engineering and agentic reasoning.
This is not a data breach. This is not a network intrusion.
This is adversarial distillation at industrial scale.
The playbook was simple: create thousands of fraudulent accounts, query Claude's most advanced features relentlessly, and use the outputs to train a cheaper model that mimics the original.
No zero-days. No malware. No social engineering.
Just API calls that look normal unless you're watching the pattern.
Why every CISO should care right now:
Your AI vendor's model capabilities are now a national security asset. If a competitor can extract them through your API, your entire R&D advantage evaporates.
The same attack vector works on any AI platform your organization uses. OpenAI, Google, Meta — every frontier model provider faces this.
If you're building on fine-tuned models, the training data pipeline is now an attack surface. Adversarial distillation can poison your model without touching your infrastructure.
What to do today:
Audit your AI API usage for anomalous patterns — repeated queries targeting the same capability class, burst volume from single accounts, automated prompt structures.
Demand anti-distillation controls from your AI vendors. Rate limiting alone does not stop this. You need usage fingerprinting and behavioral analysis.
If your organization is building custom models, assume your training outputs are being harvested. The question is not whether someone is trying — it's whether your vendor is catching it.
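An added example, not from the Anthropic letter or any vendor's tooling: one way to run the audit described above over exported API usage logs, scoring each account for capability concentration, burst volume and templated prompts, then grouping accounts that share one prompt template. The record layout, thresholds and account names are assumptions, and the sample data is constructed.

```python
import re
from collections import Counter, defaultdict

def skeleton(prompt):
    """Structural fingerprint of a prompt: quoted literals and numbers are masked."""
    p = re.sub(r"`[^`]*`|\"[^\"]*\"|'[^']*'", "<s>", prompt.lower())
    return re.sub(r"\s+", " ", re.sub(r"\d+", "<n>", p)).strip()

def max_burst(times, window):
    """Largest number of calls inside any `window`-second span (two-pointer scan)."""
    times, best, lo = sorted(times), 0, 0
    for hi, t in enumerate(times):
        while t - times[lo] > window:
            lo += 1
        best = max(best, hi - lo + 1)
    return best

def audit(records, window=60, burst_max=20, share_min=0.9, min_calls=10, fleet_min=3):
    """records: (account, unix_ts, capability_class, prompt); thresholds are assumptions."""
    by_acct = defaultdict(list)
    for acct, ts, cap, prompt in records:
        by_acct[acct].append((ts, cap, skeleton(prompt)))
    flags, clusters = defaultdict(set), defaultdict(set)
    for acct, rows in by_acct.items():
        if len(rows) < min_calls:
            continue  # too little traffic to judge
        cap, cap_n = Counter(r[1] for r in rows).most_common(1)[0]
        tmpl, tmpl_n = Counter(r[2] for r in rows).most_common(1)[0]
        if cap_n / len(rows) >= share_min:
            flags[acct].add("capability_concentration:" + cap)
        if max_burst([r[0] for r in rows], window) > burst_max:
            flags[acct].add("burst_volume")
        if tmpl_n / len(rows) >= share_min:
            flags[acct].add("templated_prompts")
            clusters[tmpl].add(acct)
    # A template dominating several accounts suggests a coordinated fleet.
    fleets = {t: sorted(a) for t, a in clusters.items() if len(a) >= fleet_min}
    return dict(flags), fleets

def sample_records():
    """Constructed data: three scripted accounts, one bursty account, one ordinary user."""
    words, caps, recs = ["alpha", "beta", "gamma", "delta"], ["chat", "code", "summarize"], []
    for a in ("acct-a", "acct-b", "acct-c"):
        recs += [(a, 1000 + 90 * i, "code", f"Solve task {i} in 'python'") for i in range(12)]
    recs += [("acct-d", 5000 + i, caps[i % 3], f"{words[i % 4]} question {i}") for i in range(30)]
    recs += [("acct-e", 3600 * i, caps[i % 3], f"{words[i % 4]} note {i}") for i in range(12)]
    return recs

if __name__ == "__main__":
    print(audit(sample_records()))
```

The three scripted accounts stay under the burst threshold individually and only stand out once their shared template is compared across accounts, which is the gap that rate limiting alone leaves open.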
Alibaba has not responded.
The Senate is already drafting sanctions.
This is the new front in enterprise AI security — and most organizations are not watching it.
SOURCE: https://cisowhisperer.com/anthropic-accuses-alibaba-of-illicitly-accessing-claude-models-in-distillation-attack/
VERIFIED: CISO Whisperer (June 25, 2026), Anthropic letter to Senate Banking Committee (June 10, 2026), multiple security outlets
SIGNAL: Model theft via API abuse is now an enterprise-grade threat. Every organization using frontier AI models needs to treat output harvesting as a security control requirement, not a vendor problem.
Anthropic just caught Alibaba running 28.8 million queries to steal Claude's brain
AI-Assisted Content — Produced with AI assistance and human editorial review.