Chinese Firms Exploit 24,000 Fake Accounts for Claude AI Data

Chinese AI firms used 24,000 fraudulent accounts to extract capabilities from Claude AI. These firms generated over 16 million interactions with Claude. This was done without breaching any data centers. The companies involved include DeepSeek, Moonshot, and MiniMax. They used these fake identities on an industrial scale. This highlights weak identity controls as a major vulnerability, even more so than hardware restrictions. Copied models can retain useful behaviors but lose important safety features like rate limits and monitoring. This creates national security risks that differ from typical API abuse. The issue of identity verification has become a national security gap. Verifiable credentials and shared audit trails could help detect coordinated attacks in real-time. This situation shows that policy struggles to keep up with the spread of AI power if identity and access controls aren't portable and verifiable across platforms. This matters because the theft of AI model behavior poses significant national security risks, beyond just consumer protection.