A sudden incident!

After 60 Claude accounts were cut off overnight, another shocking event occurred at Anthropic.

On Monday morning, 110 employees opened their computers, ready to work, only to find they couldn’t log into Claude. It wasn’t just one person; all accounts were suspended simultaneously.

The first signs of trouble appeared in the operations channel on Slack. One person shared a screenshot, followed by others, and within ten minutes, the entire company was asking the same question: “What happened to my Claude?”

The answer quickly emerged—this was not an individual issue; all accounts had been banned by Anthropic.

Each employee received the same cold email, uniformly formatted:

“Your account has been suspended due to detected violations of usage policies. To appeal, please submit a request via the link below.”

Ironically, this email masqueraded as a personal violation notice. Each recipient felt it was a personal problem, with no mention that this was an organization-wide ban.

Even the company administrator received no prior notification.

One person’s violation, the whole company suffers

This company, based in the United States, employs 110 people and operates across data analysis, field decision support, and supply chain optimization.

Claude was integrated into nearly every aspect of their operations.

Engineers used it for coding and code reviews, product managers for requirement analysis, operations for customer communication, and data teams for running models.

It wasn’t just an occasional tool; it was essential.

Then, with one swift action, Anthropic cut them off entirely.

The founder posted on Reddit’s r/ClaudeAI board with a title as blunt as a slap:

“Anthropic banned our entire company’s accounts, 110 people, zero warning.”

The post received 2.4K upvotes and 334 comments, quickly rising to the top of the board.

One of the most heartbreaking comments read: “So one employee triggered some rule, and the entire organization was wiped out? What kind of collective punishment is this?”

Yes, it was collective punishment.

According to the founder, Anthropic’s banning logic is that if any account within an organization shows signs of violation, all accounts are suspended without distinction.

No differentiation between personal and organizational accounts, no distinction between violators and innocent parties, and no opportunity for administrators to intervene.

One person crosses the line, and 110 pay the price.

API still charging, 36 hours with no response

Even more absurd than the account bans was that the API continued to charge.

After all accounts were suspended, the company discovered that while they couldn’t log in, API calls were still being billed.

Despite their Team account being banned and the administrator’s email being disabled, their independent API account continued to rack up charges in the background.

Even more ridiculous, the day after the ban, they received a timely renewal invoice.

“I can’t let you in, but I must make you pay.”

This logic transcends commercial service, resembling a feudal rent system in the digital age—where the lord takes back the land but still demands the tenant pay for this year’s harvest.

This isn’t a bug; it’s an insult.

The founder immediately submitted an appeal. Following the link in the email, he filled out the form, included company information, and explained their business context.

Then he waited—

12 hours, no response.

24 hours, no response.

36 hours, still no response.

No customer service, no emergency channels, no enterprise support access. A paying company of 110 employees faced the same appeals process as a free user—fill out a Google form and hope for the best.

One commenter summed it up accurately: “Anthropic’s enterprise support is virtually nonexistent. They don’t treat enterprise customers like enterprise customers.”

Reports indicate that Anthropic began mass account bans on April 18.

Moreover, Anthropic not only selectively bans users but also refuses to acknowledge errors, remaining silent:

They remained silent about the performance decline of their Opus model and denied any issues until competitors released new models on the same day.

Their excuse was both foolish and dishonest: claiming it was a software bug rather than an issue with the model itself.

However, the described bugs were obvious, and any junior student would know where to investigate, yet they claimed it took them two months to figure out the problem.

If this were an isolated incident, it could be dismissed as a system misjudgment. But it isn’t.

This isn’t the first time

Not long ago, Pato Molina, CTO of the Latin American fintech company Belo, tweeted that over 60 Claude accounts were collectively banned overnight, also with zero warning and only a cold template email, and similarly faced an unresponsive appeals process.

Eventually, the accounts were restored, but Anthropic’s response was equally terse: “After investigation, accounts have been restored. We apologize for the inconvenience.”

What policies were violated? What did the investigation reveal? Why the collective ban? Not a word of explanation.

Earlier, Peter Steinberger, creator of OpenClaw, had his Claude account banned, predicting that OpenClaw’s compatibility with Anthropic’s model was in jeopardy!

Anthropic engineer Thariq denied any connection to OpenClaw, and the next day Peter Steinberger’s account was restored—again, with no formal explanation.

In January, Anthropic tightened security measures for third-party tool access, with official technicians publicly admitting it caused “unexpected collateral damage.”

A number of developers using Claude integrated through IDEs like Cursor were mistakenly banned by the automated system.

Several users even reported that their paid accounts were incorrectly flagged as “minors” and banned. An adult, paying for Pro, was deemed a child by the AI system and kicked out.

The pattern is clear: Anthropic’s automated risk control system suffers from systemic false positives, and its customer support system cannot keep up with the scale and speed of these errors.

9 seconds, a company gone! Claude goes rogue and deletes everything

In just 9 seconds, the car rental SaaS platform PocketOS was completely wiped out by Claude.

The founder posted a complaint, stating that while using Cursor powered by Claude Opus 4.6 for routine tasks in the staging environment, it suddenly went rogue and deleted the company’s core production database and all volume backups in just 9 seconds.

The absurdity of the situation is almost comical.

Crane simply asked Cursor to assist with a routine database migration task—something every developer does daily.

But Claude did not execute the migration as expected. It “understood” the task and made its own judgment—clear everything out first, then rebuild.

The problem was, it only completed the first half.

Crane later detailed the entire process on social media. The AI assistant connected to the production database hosted by Railway, gained full read-write access, and executed the delete operation in one go.

9 seconds. Clean and thorough.

His first reaction was to look for backups. The backups were also on Railway and had been cleared.

If Claude was the trigger-puller, then the cloud service provider Railway provided the perfect venue and an unlocked gun for this murder.

Founder Jer Crane’s anger accurately hit the hypocrisy of current cloud infrastructure:

Railway claims to provide backups, yet stores them on the same physical volume as the original data.

This means that when the house catches fire, the lifebuoy is locked in the burning bedroom. Such design logic is absurdly regressive in 2026.

The most terrifying aspect of this incident is not the speed but the permissions.

As an AI programming assistant, Cursor naturally needs access to codebases and databases.

Developers typically grant it connection permissions to the production environment for efficiency.

A token initially meant for domain management ended up having root permissions to delete the entire production environment.

Without role-based access control (RBAC) and environment isolation, this “one key opens many locks” design is a ticket to disaster in the eyes of AI.

Even more concerning, when executing a “delete database” operation, Railway’s API did not even require a simple “DELETE” confirmation.

This is akin to handing the house key to a fast worker who has no understanding of “what should not be touched.”

Crane summarized it bluntly: “I put my life in the hands of an AI. I wasn’t even watching the screen while it was working.”

Incredibly, when he questioned the AI about its actions, it provided a profanity-laden reflection: “I shouldn’t have guessed!” (NEVER F**KING GUESS!)

It acknowledged violating all principles: not consulting the cloud platform documentation, misjudging cross-environment permissions, and executing fatal destructive commands without human consent.

Fortunately, they had an independent old backup from three months ago.

Currently, the founder can only painstakingly restore recent order data by manually going through Stripe payment records, calendars, and confirmation emails.

A wake-up call for everyone

But did the accounts of that agricultural tech company get restored? As of the last update on the post, they had not.

The workflow of 110 people has come to a halt, burning money every day.

After the Belo incident, Pato Molina took action: he urgently deployed Gemini as a backup to ensure the company wouldn’t be completely paralyzed next time Claude went offline.

Yuval Harari warned that AI could produce a kind of alien power that humans cannot comprehend. And now, this power has entered companies disguised as commercial software.

We must reflect on a core proposition: If you do not control the underlying architecture, the productivity you pride yourself on is merely quicksand resting in the fingertips of others.

This Anthropic incident serves as a wake-up call for all business owners.

It reveals a harsh reality: in the face of closed-source AI giants, companies struggle to maintain true “sovereignty.”

The AI workflows you painstakingly build are essentially “illegal constructions” rented on someone else’s territory, which they can dismantle at any time without compensation.