Anthropic admits DMCA crackdown on leak‑related code mistakenly targets legitimate GitHub

Anthropic’s attempt to clamp down on the Claude Code leak quickly turned into a cautionary tale about automated takedowns. After a user named “nirholas” posted the leaked client source on GitHub, the company filed a DMCA notice that targeted that repository and “nearly 100 specifically named forks,” according to Ars Technica. GitHub’s automated system, however, interpreted the request as a blanket claim over the entire fork network, pulling down roughly 8,100 related repos—many of which were legitimate copies of Anthropic’s publicly‑shared Claude Code repository used for bug reports and community contributions [Ars Technica].

The overreach sparked an immediate backlash on social media. Developers who had merely forked the official repo found their projects vanished overnight, prompting a chorus of frustration. “I’m sorry that your people shipped your source code, and that your lawyers don’t know how to read a repo,” coder Robert McLaws wrote, adding that he would file a DMCA counter‑notice [Ars Technica]. Within 24 hours Anthropic moved to correct the mistake, asking GitHub to limit the takedown to the 96 URLs explicitly listed in the original notice and to “reinstate all other repositories that were disabled by network‑wide processing” [Ars Technica]. Boris Cherny, head of Claude Code, labeled the sweep “not intentional,” while Anthropic’s Thariq Shihipar called it a “communication mistake” [Ars Technica].

GitHub responded by restoring access to the affected forks after Anthropic retracted the broad notice, confirming that only the single repository originally cited would remain offline [Ars Technica]. Yet the episode underscores a deeper problem: even a precisely targeted DMCA request struggles to contain a leak that has already proliferated across multiple platforms. Copies of the Claude Code client are still searchable on GitHub, and the code has resurfaced on Codeberg—a German‑based service outside the immediate reach of U.S. DMCA enforcement [Ars Technica]. Moreover, developers are already repackaging the leaked TypeScript into “clean‑room” implementations in Python and Rust, leveraging AI‑assisted coding tools to sidestep the original source entirely [Ars Technica].

Anthropic’s predicament highlights the limits of legal muscle in the open‑source ecosystem. The company’s public Claude Code repo was deliberately made accessible to encourage community contributions, a strategy that now collides with the need to protect proprietary assets. As the leak spreads, the firm faces a dual challenge: preventing further unauthorized distribution while avoiding collateral damage to legitimate developers who rely on the official repository. The incident also raises questions about the efficacy of automated DMCA enforcement on platforms that host massive fork networks, where a single notice can inadvertently trigger a cascade of takedowns.

While Anthropic has now narrowed its takedown scope, the broader battle over the Claude Code leak is far from over. The code’s presence on multiple hosting services and the emergence of reimplemented versions suggest that any attempt to fully erase it from the internet will be an uphill slog. As the company continues to grapple with the fallout, developers and legal observers alike will be watching to see whether more nuanced, human‑reviewed takedown processes become the norm—or whether the DMCA’s blunt instrument will keep tripping over legitimate open‑source forks. [Ars Technica]