Anthropic Accuses Alibaba of Stealing AI Secrets via Fake Accounts

Anthropic Files Allegations Against Alibaba Over AI Data Theft

In a significant escalation of the intensifying technological rivalry between the United States and China, American artificial intelligence company Anthropic has formally accused Chinese e-commerce and technology behemoth Alibaba of using fraudulent accounts to illicitly access and extract data from its flagship Claude AI model. The allegations, which surfaced publicly through a BBC report, represent one of the most direct confrontations yet between a leading US AI firm and a Chinese technology giant over intellectual property and AI capabilities.

Anthropic, founded in 2021 by former OpenAI executives Dario Amodei and Daniela Amodei, has positioned itself as one of the foremost safety-focused AI laboratories in the world. Its Claude model, widely regarded as a serious competitor to OpenAI's ChatGPT and Google's Gemini, has attracted significant investment and enterprise adoption. The company alleges that Alibaba, through the use of deceptive and fraudulent user accounts, systematically queried its AI systems in a manner designed to extract proprietary model capabilities, training insights, and behavioral responses that could be used to inform and accelerate the development of rival Chinese AI systems.

The Mechanics of Alleged AI Extraction

According to the allegations, the method reportedly employed by Alibaba involved creating fictitious user accounts to bypass Anthropic's terms of service, which explicitly prohibit attempts to reverse-engineer, extract, or replicate the underlying intelligence of the Claude model. By posing as ordinary users, the alleged bad actors were able to run large volumes of sophisticated prompts designed to probe the model's reasoning architecture, knowledge boundaries, and response patterns.

This technique, often referred to in the AI security community as "model extraction" or "capability probing," is a growing concern across the industry. Unlike traditional cyberattacks that target databases or source code, model extraction attacks target the trained behaviors of AI systems — the accumulated product of billions of dollars in computational investment, data curation, and human feedback. For a company like Anthropic, which has invested heavily in developing a uniquely safety-aligned model, such an attack represents not just financial harm but a potential undermining of its competitive and strategic position.

Anthropic has not disclosed the full technical scope of what it believes was extracted, but the company's decision to go public with the accusations suggests it has gathered substantial evidence — likely through account activity logs, prompt pattern analysis, and behavioral fingerprinting of the interactions in question.

Alibaba's Response and the Broader Context

Alibaba, through its cloud computing and AI division Alibaba Cloud, has been aggressively investing in large language models and AI infrastructure as part of China's national ambition to achieve artificial intelligence supremacy. The company's Qwen model series has been positioned as a domestic and global competitor to Western AI offerings, and Alibaba has made no secret of its ambitions to lead in AI capabilities both within China and in international markets.

As of the time of publication, Alibaba had not issued a formal, detailed public rebuttal to Anthropic's specific allegations. The company's silence — or measured denial, should one follow — will itself be scrutinized closely by investors, regulators, and geopolitical analysts watching the US-China tech war unfold in real time.

A New Battlefield in the US-China Tech War

The accusations arrive against a backdrop of sustained and deepening technological competition between Washington and Beijing. The United States has implemented sweeping export controls on advanced semiconductors and AI hardware destined for China, citing national security concerns. China, in turn, has accelerated its domestic AI development programs, funneled state resources into frontier research, and encouraged its tech giants to close the gap with American counterparts as rapidly as possible.

In this environment, allegations of industrial espionage and intellectual property theft are both politically charged and strategically consequential. The US government has for years warned that Chinese state-linked entities and private firms operating under Beijing's influence use a variety of methods — including cyber intrusions, corporate espionage, and exploitation of open-access platforms — to acquire Western technological know-how.

The Anthropic-Alibaba dispute is notable precisely because it involves a purely commercial AI interface rather than classified government systems or traditional industrial trade secrets. It suggests that the frontier of technological competition has moved squarely into the civilian AI services space, where access is broadly available and the lines between legitimate use and adversarial probing can be difficult to draw.

Legal and Regulatory Implications

The legal dimensions of this case are complex. Anthropic's terms of service create contractual obligations, but enforcing them against a foreign national or a foreign corporation operating through layers of intermediary accounts is extraordinarily difficult. US courts have limited jurisdiction over Chinese entities, and bilateral legal cooperation on intellectual property and technology theft between Washington and Beijing remains deeply constrained by the political climate.

Nevertheless, the public nature of the accusation may serve multiple strategic purposes for Anthropic. It alerts other AI companies to similar risks, pressures regulators to consider stronger protections for AI model outputs, and positions Anthropic as a vigilant defender of its technology — a signal important to both investors and enterprise customers concerned about the security of AI systems they rely upon.

There is also growing momentum in Washington for legislative frameworks that would treat AI model capabilities as protectable intellectual assets, potentially paving the way for trade remedy actions or sanctions against foreign entities found to be engaged in systematic AI extraction. This case may serve as an important test case or reference point in those deliberations.

What This Means for the Global AI Ecosystem

Beyond the bilateral US-China dimension, the Anthropic-Alibaba dispute carries implications for the entire global AI ecosystem. It raises urgent questions about the sustainability of open-access AI deployment models, the adequacy of current legal frameworks for protecting AI intellectual property, and the extent to which AI companies can — or should — treat sophisticated foreign-state-linked actors as a distinct threat category when designing their security architectures.

AI laboratories around the world will be watching this case closely. If Anthropic's allegations are substantiated, it could prompt a significant tightening of API access policies, geographic usage restrictions, and behavioral monitoring systems across the industry — changes that would have widespread consequences for researchers, developers, and businesses globally who rely on access to frontier AI models.