VentureBeat has the story. The Anthropic statement:

Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.

I tweeted:

I repeat this to every new joiner at Anthropic but it’s worth repeating in public – we have a blameless culture and no single individual is at fault when bespoke complex systems break at scale

My colleague Jake Eaton sent me the long version of that argument. The NTSB asks why, not who, and that’s why you’ve never been in a plane crash.

On a smaller note, the April 1st surprise got spoiled too.