A Hacker News discussion with 209 points and 97 comments flagged potential session and cache leakage between Claude workspace instances or consumer accounts.
The report describes data from one workspace or account appearing in another without explicit sharing. No reproduction steps or confirmed exploit were posted in the initial thread.
Reported Issue Details
The core claim centers on Anthropic's Claude Code workspaces retaining session tokens or cached responses across isolated instances. Users noted output from private projects surfacing in unrelated consumer accounts.
No official Anthropic response appeared in the first 48 hours of the thread. The discussion referenced similar past incidents in other LLM platforms involving shared inference caches.
Numbers from the Thread
- 209 upvotes on the main post
- 97 comments within the first day
- Multiple reports of cross-account prompt fragments appearing
- Zero confirmed data exfiltration vectors listed
Early comments asked for log excerpts and workspace IDs to narrow the scope.
Community Feedback Highlights
HN users pointed to potential causes including shared Redis instances, token reuse in multi-tenant routing, and incomplete cache invalidation on workspace teardown.
Several developers suggested testing with distinct API keys and monitoring response headers for session identifiers. Others recommended immediate rotation of any long-lived tokens.
Practical Steps for Users
Teams can isolate workspaces by using separate Anthropic organization keys and avoiding shared browser sessions. Enable audit logging where available and review access timestamps daily.
Individual users should check recent conversation history for unexpected entries and revoke active sessions via account settings.
Security Comparison with Alternatives
| Platform | Workspace Isolation | Public Cache Leak Reports | Audit Logs |
|---|---|---|---|
| Claude | Partial | 1 active thread | Basic |
| OpenAI ChatGPT | Team-level | Multiple past incidents | Enterprise |
| Google Gemini | Project-based | None recent | Detailed |
Claude currently offers fewer documented controls than enterprise tiers of competing services.
Who Should Investigate
Organizations handling proprietary code or customer data in Claude workspaces should audit access immediately. Solo users with low-sensitivity prompts face lower exposure.
Skip deeper review only if all Claude usage stays within single-account consumer mode with no workspace features enabled.
Current Assessment
The thread shows a credible but unconfirmed privacy gap that affects multi-user deployments more than individual accounts. No evidence of active exploitation has surfaced yet.
Anthropic's response timeline will determine whether this remains an isolated report or triggers broader platform changes.
Early reports suggest the issue stems from incomplete separation in backend caching layers rather than a direct API flaw.
Top comments (0)