Urgent Claude AI warning: Hackers are using a ‘gift’ loophole to bypass 2FA - Tom's Guide

Detailed Analysis

A reported security vulnerability affecting Claude AI accounts has emerged, with threat actors allegedly exploiting a "gift" feature loophole to circumvent two-factor authentication (2FA) protections on user accounts. According to Tom's Guide's warning, attackers have identified that the gift subscription or gift account redemption flow within Anthropic's Claude platform may not enforce the same rigorous authentication requirements as standard login pathways, creating an exploitable gap. This type of attack vector — where secondary product features carry weaker security posture than primary login systems — represents a well-documented class of vulnerability that security researchers have observed across numerous digital platforms, and its appearance in an AI ecosystem marks a notable escalation in targeting of AI-specific services.

The significance of this vulnerability extends beyond a simple account-takeover risk. Claude accounts, particularly Claude Pro subscriptions, may contain sensitive conversation histories, API credentials, custom system prompts, and organizational data that make them high-value targets for corporate espionage, credential harvesting, and social engineering operations. Two-factor authentication is widely regarded as one of the most effective frontline defenses against unauthorized account access, and any mechanism that bypasses it — even through an indirect product feature like a gift redemption flow — effectively nullifies that protection for affected users. The attack's reported reliance on a "loophole" rather than a brute-force or malware-based method suggests a relatively low-barrier approach that could be replicated at scale.

This incident fits into a broader pattern of threat actors increasingly targeting AI platforms as they become more deeply integrated into professional and enterprise workflows. As tools like Claude are used for sensitive tasks — legal research, code generation, medical summarization, and strategic planning — the value of compromised accounts rises correspondingly. Cybercriminals have historically followed the adoption curve of high-value technology, and the mainstreaming of AI assistants throughout 2024–2026 has made platforms like Claude, ChatGPT, and Gemini increasingly attractive attack surfaces. Anthropic, like its competitors, faces the compounding challenge of securing not just core authentication infrastructure but every auxiliary product feature that touches account access.

Users of Claude AI — particularly those with Pro or Team subscriptions — are advised to review account activity logs, enable any available login notifications, and remain vigilant about unsolicited gift redemption prompts or emails, which may serve as phishing vectors in connection with this exploit. Anthropic has not yet publicly detailed a patch timeline based on available information, but the company's security team would be expected to treat any 2FA bypass as a critical-priority issue. The broader lesson for AI providers is that security reviews must encompass the entire user journey — including gifting, referral, and promotional flows — rather than focusing solely on core authentication endpoints, as these peripheral features represent an underexamined and increasingly exploited attack surface.