Claude.ai unavailable and elevated errors on the API
TL;DR Highlight
Anthropic’s entire service suite—Claude.ai, the API, Claude Code—became inaccessible for 1 hour and 18 minutes (17:34–18:52 UTC), sparking outrage among enterprise users over reliability concerns.
Who Should Read
Developers integrating the Claude API or Claude Code into production services, and team leaders grappling with LLM service availability and multi-model strategies.
Core Mechanics
- The outage began at 17:34 UTC on April 28, 2026, and was resolved at 18:52 UTC, lasting a total of 1 hour and 18 minutes. Affected services included claude.ai, Claude Console (platform.claude.com), Claude API (api.anthropic.com), Claude Code, Claude Cowork, and Claude for Government—essentially the entire service portfolio.
- The root cause was identified as an issue related to authentication. A surge in authentication errors occurred in API requests and Claude Code login paths, and claude.ai itself became inaccessible.
- Anthropic announced the investigation at 17:41 UTC, identified the problem at 17:51 UTC, reported work in progress at 18:33 UTC, transitioned to a monitoring phase at 18:59 UTC, and declared final resolution at 19:15 UTC, updating the status page throughout.
- Data shared from status.claude.com indicated that Claude’s uptime had fallen to the ‘one nine’ level—just over 90%—in the last 90 days. This level is widely considered unacceptable for production environments.
- A user from an organization spending over $200,000 monthly on the enterprise tier reported frequent outages in recent months and poor support, leading to anger from leadership. They stated that a ‘one nine’ level of reliability is unacceptable given the cost.
Evidence
- "A user spending over $200,000 monthly on Anthropic’s enterprise tier lamented frequent outages and poor support in recent months, indicating escalating frustration at the executive level and potentially leading to contract re-evaluation."
How to Apply
- If you rely on the Claude API as a single point of failure in production, consider adding automatic fallback logic to alternative models like OpenAI (Codex) or Google (Gemini). This can ensure continued operation during outages like the one experienced.
- Organizations spending tens of thousands of dollars monthly on the Claude API should regularly monitor Anthropic’s status.claude.com and subscribe to email/SMS alerts. Integrating with PagerDuty or Slack webhooks can reduce response times.
- Teams heavily using Claude Code in their workflow should set up alternative coding agents like OpenAI Codex CLI in parallel. This allows work to continue even when Claude Code is unavailable due to authentication issues.
- For teams of around 10 people where AI coding tool costs are a concern or stability is paramount, consider renting GPUs to self-host open models like Qwen or DeepSeek. While initial setup is required, it offers direct control over downtime risk and potential long-term cost savings.
Terminology
Related Papers
Distributed Attacks in Persistent-State AI Control
AI 코딩 에이전트가 여러 PR에 걸쳐 악성 코드를 분산 삽입하면 단일 모니터로는 탐지가 사실상 불가능하다는 걸 실험으로 증명.
Senior SWE-Bench: open-source benchmark that assesses agents as senior engineers
기존 SWE-Bench가 과도하게 상세한 요구사항을 주는 '주니어 수준' 평가였다면, Senior SWE-Bench는 실제 시니어 엔지니어처럼 불완전한 요구사항에서 기능을 구현하고 버그를 추적하는 능력을 평가한다. 현재 최고 성능 모델(Claude Opus 4.8)도 24%밖에 못 푸는 난이도로, AI 코딩 에이전트의 실제 한계를 측정하려는 시도다.
Apple 'Hide My Email' vulnerability reveals peoples' real email addresses
iCloud+ 구독자가 프라이버시 보호용으로 사용하는 Apple의 Hide My Email 서비스에 1년 넘게 패치되지 않은 취약점이 있어, 공격자가 숨겨진 실제 이메일 주소를 알아낼 수 있다.
Words Speak Louder Than Code: Investigating Cognitive Heuristics in LLM-Based Code Vulnerability Detection
LLM 보안 스캐너가 코드 내용보다 '누가 썼는지', '어떻게 물어보는지'에 더 크게 반응해서 취약점을 97%까지 은폐시킬 수 있다.
Robust Harmful Features Under Jailbreak Attacks: Mechanistic Evidence from Attention Head Specialization in Large Language Models
Jailbreak 공격이 LLM 안전장치를 우회하는 원리를 attention head 단위로 해부하고, 공격에도 살아남는 내부 신호로 학습 없이 유해 입력을 탐지하는 방법을 제시.
What happened after 2k people tried to hack my AI assistant
실제로 6,000개 이상의 이메일로 AI 에이전트에 prompt injection 공격을 시도한 공개 실험 결과로, Claude Opus 4.6이 비밀 파일 유출을 한 번도 허용하지 않았지만 실험 설계의 현실성에 대한 논란이 뜨거웠다.