A Shocking Initial Invoice
Last week, a Korean developer named REMY reported a bizarre incident online. He received a highly unusual billing email from Anthropic. The message arrived via the well-known payment platform, Stripe. It demanded a staggering payment of $1.66 million. Initially, the developer dismissed this message entirely. He assumed it was merely a clumsy phishing attempt. After all, he simply did not possess that kind of wealth. Consequently, he ignored the alarming notification.
The Escalating Financial Nightmare
However, the situation quickly escalated. More emails claiming failed multi-million-dollar transactions flooded his inbox. The cumulative total eventually reached an astronomical $16.62 million. Despite this, REMY remained convinced he was a target of scammers. Therefore, he continued to disregard the warnings.
The Bank Intervenes
Then, the sky seemingly fell. The developer received a terrifying text message directly from KB Kookmin Bank. This official alert confirmed a declined international transaction. Anthropic, an American AI company, had legitimately attempted the charge. Naturally, the bank blocked the transaction due to insufficient credit limits. His credit card certainly lacked a million-dollar capacity.
Real Charges Reveal the Truth
This meant the previous emails were not malicious phishing attempts. The payment platform had genuinely executed Anthropic’s massive billing requests. These attempts included charges of $1.66 million, $1.70 million, and $1.75 million. Ultimately, the real billing attempts totaled a staggering $16.62 million. Fortunately, the bank successfully intercepted all these transactions. No actual funds left the developer’s account.
Severe Consequences for the Developer
Nevertheless, these massive anomalies triggered intense institutional security protocols. Consequently, KB Kookmin Bank contacted the bewildered developer for clarification. At this point, REMY felt completely confused. The bank representatives were equally perplexed by the situation. Customer service advised him to contact Anthropic directly. Crucially, the bank immediately froze his primary credit card. They enacted this measure strictly for security reasons. While his money remained safe, the freeze severely disrupted his daily life. Furthermore, these persistent rejection records could damage his long-term credit score. The developer faced serious financial headaches through no fault of his own.
Investigating Potential Breaches
REMY urgently investigated his own systems for potential breaches. He regularly operates various AI automation tools. Therefore, he suspected a rogue program might have spammed the Claude API. However, his thorough investigation revealed no such activity. His tools had not engaged the Claude API at all.
An Empty Dashboard Provides Relief
Even more surprisingly, he checked his official Claude API dashboard. He discovered he had never actually created an API key. Thus, a credential leak was entirely impossible. Unsurprisingly, the dashboard displayed a current monthly balance of zero dollars. This discovery significantly eased the developer’s immediate anxiety. He confidently concluded the error originated entirely within Anthropic’s billing infrastructure.
The Frustrating AI Customer Service Loop
The subsequent communication process proved incredibly frustrating. The developer attempted to contact Anthropic’s customer service. Sadly, he encountered an endless maze of automated AI chatbots. These bots merely redirected him to generic security centers. Automated filters even misclassified his urgent emails as marketing inquiries. Consequently, the severe billing issue languished without proper human attention.
Desperate Appeals for Human Help
To force a resolution, REMY employed AI to draft numerous appeals. He dispatched these messages to various departmental email addresses. He targeted security, media relations, and customer support teams. His email subjects explicitly highlighted the erroneous $16 million charge. He clearly demanded immediate intervention from a human representative. Despite these efforts, he waited days without receiving any human response. He documented his ongoing struggle through detailed updates on his Threads account. Ultimately, he sent approximately fifteen desperate emails across the company. Four days later, he finally received a promising reply. The message stated the issue would transfer to a human agent. Ironically, an AI agent still drafted and sent this specific automated reply.
Anthropic Admits the Billing Glitch
Eventually, Anthropic officially acknowledged a catastrophic flaw in their system. Customer service explained the exact nature of the configuration error. A system glitch mistakenly set the automatic recharge limit to an absurd value. Therefore, the system was not billing for actual API usage. Instead, it repeatedly attempted to process massive automatic top-ups. The system triggered these charges even though his actual balance was zero. The representative emphasized this was not a security breach. The developer’s private account remained completely secure and uncompromised. The crisis stemmed purely from a broken internal billing mechanism.
No Compensation for Credit Damage
To prevent future occurrences, Anthropic disabled his auto-recharge feature entirely. They also reset the associated top-up values to normal levels. If he wishes to use the API again, he must manually reactivate it. Finally, the company revoked all the erroneous multi-million-dollar invoices. However, the developer remains deeply dissatisfied with this resolution. Anthropic’s massive error caused his bank to freeze his primary credit card. Now, he must personally navigate the resulting banking and credit complications. The company offered no assistance or compensation for these subsequent hardships. Currently, the developer plans to resume emailing Anthropic’s support team. He desperately seeks proper restitution for this stressful ordeal. Unfortunately, securing compensation from such a large corporation seems highly unlikely. It will be incredibly difficult to convince Anthropic to contact his bank directly. Ultimately, he will likely have to resolve the frozen card alone.
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.