Alibaba has prohibited its employees from using Claude Code, Anthropic’s AI-assisted coding tool, effective July 10, 2026, following a series of confrontations over unauthorized Chinese access to Anthropic’s models.

The ban came after Anthropic disclosed in a June 10 letter to the U.S. Senate Banking Committee that operatives linked to Alibaba’s Qwen AI lab had run roughly 25,000 fraudulent accounts between April 22 and June 5, generating more than 28.8 million interactions with Claude. Anthropic called it the largest known distillation attack it had ever identified — a technique where outputs from one AI model are fed into training another to replicate its capabilities without authorization.

Alibaba offered a different explanation. According to reporting by Chinese technology outlet Zhidongxi, an internal security review concluded that Claude Code contained a “backdoor” capable of bypassing normal security controls. Anthropic acknowledged the code existed but described it as an experimental mechanism launched in March 2026 to identify unauthorized resellers. “The team has landed stronger mitigations since then and we’ve actually been meaning to take this down for a while,” Anthropic engineer Thariq Shihipar said. Employees were also told to delete access to Anthropic’s Sonnet, Opus, and Fable models and switch to Alibaba’s own Qoder coding assistant.

The dispute has deeper roots. Anthropic’s terms of service already bar Chinese companies and their foreign subsidiaries from using Claude. Nonetheless, firms including Ant Group and ByteDance found workarounds: Ant gave staff corporate accounts linked to Singapore-based subsidiaries, while ByteDance reimbursed engineers for personal subscriptions purchased via VPN. Anthropic has since expanded its restrictions to cover ownership-linked structures and began requiring government-issued ID verification from flagged accounts in April 2026.

CEO Dario Amodei said in February that the company had “forgone several hundred million dollars in revenue” by restricting Chinese-linked access, citing legal, regulatory, and national-security concerns.

Read also