The Bank of England will meet urgently with the UK’s National Cyber Security Centre (NCSC) and major British financial institutions to discuss the potential risks posed by Anthropic’s new Claude Mythos Preview model.
Scheduled to take place within the next fortnight, the meeting will convene representatives from the Financial Conduct Authority and the UK Treasury, as well as from banks, insurance firms and financial infrastructure providers.
It will focus on examining IT vulnerabilities detected by new general-purpose AI model Mythos, which Anthropic says has already discovered thousands of previously unknown security bugs, including some that had remained undetected in key infrastructure for decades.
The news comes the day UK Security Minister Dan Jarvis called on Ai companies to collaborate on building a ‘UK national cyber shield’. Jarvis announced the plans in response to an investigation by Anthropic into unauthorised access to its Mythos Preview model.
“We’re investigating a report claiming unauthorised access to Claude Mythos Preview through one of our third-party vendor environments,” the company said in response to a Bloomberg report reporting that users in a private forum managed to access the model without security permissions.
A test for the UK financial sector’s resilience
Claude Mythos’s capabilities have already prompted Anthropic to assemble Project Glasswing, which collects over 40 major companies (e.g. Amazon, Apple, Google, Microsoft, Cisco, Nvidia, Broadcom) into a coalition focused on studying and testing the new model’s implications for cybersecurity.
It’s in a similar vein that the UK’s Cross Market Operational Resilience Group (CMORG) is organising the upcoming meeting between British officials and financial industry representatives, with the group co-chaired by the Bank of England’s risk specialist Duncan Mackinnon.
One of the meeting’s aims will be to examine the ramifications Claude Mythos could have for the UK financial sector, and how the new model — which Anthropic says exceeds “all but the most skilled humans” in detecting software vulnerabilities — could undermine the sector’s stability and security.
CMORG’s other co-chair is David Posting, who is the CEO of UK Finance, a trade body representing over 300 of the UK’s banks and financial service companies.
Speaking to The Financial Times, UK Finance’s managing director for resilience, David Raw, said that the association is already aware of Anthropic’s latest model and some of its associated risks.
He said, “UK Finance engages with our members and through our public/private partnerships on any significant operational risks that could affect the resilience of the UK financial services sector.”
‘An increase in frequency and intensity of cyber threats’
The meeting comes as the UK Government’s AI Security Institute has been assessing Claude Mythos, as well as ChatGPT and other AI models.
It also comes as the government considers implementing a system whereby it would apply standardised testing to AI models used by all UK banks, after it received warnings from the Bank of England that voluntary AI monitoring wasn’t frequent or systematic enough.
According to the UK Government’s own data, 43% of businesses reported having experienced cyber incidents in the 12 months to June 2025, down from 50% in 2024.
However, an NCSC report from last year concluded that AI will result in “an increase in frequency and intensity of cyber threats” by 2027, while the spread of AI-based tools will “highly likely expand access to AI-enabled intrusion capability” to state and non-state actors.
The report also claimed that, without updates to cybersecurity practice and infrastructure, there will be “a realistic possibility of critical systems becoming more vulnerable to advanced threat actors.”
In its evaluation of Claude Mythos Preview’s cyber capabilities, the UK’s AI Security Institute concluded that the model is “capable of autonomously attacking small, weakly defended and vulnerable enterprise systems where access to a network has been gained.”
That said, the research organisation, which is part of the UK’s Department of Science, Innovation and Technology, shied away from suggesting that Mythos would be able to successfully attack “well-defended” IT networks and systems.
The Bank of England will meet urgently with the UK’s National Cyber Security Centre (NCSC) and major British financial institutions to discuss the potential risks posed by Anthropic’s new Claude Mythos Preview model.
Scheduled to take place within the next fortnight, the meeting will convene representatives from the Financial Conduct Authority and the UK Treasury, as well as from banks, insurance firms and financial infrastructure providers.
It will focus on examining IT vulnerabilities detected by new general-purpose AI model Mythos, which Anthropic says has already discovered thousands of previously unknown security bugs, including some that had remained undetected in key infrastructure for decades.
