One person violates the rules, 110 people buried with them: Anthropic account‑ban storm

An agricultural technology company with 110 employees had all its Claude accounts collectively banned by Anthropic. During the ban, the API continued to accrue charges, and no response was received to their appeal after 36 hours, exposing deep-rooted contradictions in the governance of closed-source AI platforms.
One Person Violates, 110 People Buried Together: Platform Hegemony Behind Anthropic’s Mass Account Ban
Monday Morning: No One Could Log In
A 110-person agricultural tech company experienced an unexpected “digital blackout” on Monday morning — all employees’ Claude accounts were suspended simultaneously. It wasn’t an individual issue or a network failure; Anthropic had executed a sweeping ban across the entire organization.
No prior notice, no window for resolution, no explanation for administrators.
What’s more ironic: each banned employee received an identical email disguised as a “personal violation notice,” as if everyone had misbehaved individually. In truth, this was a collective strike against the entire organization — 110 accounts fell at once, and not one email acknowledged that fact.

What made the situation go from “strict risk control” to “absurd,” however, was another detail:
The accounts were banned, but the API was still billing normally.
You read that right. Service stopped, but the meter kept running.
Ban Logic: Collective Punishment
According to the affected company, Anthropic’s ban logic works roughly like this: when the system detects suspicious signals from one account within an organization, it immediately suspends every account linked to that organization. No distinction between violators and innocents, no distinction between individual and organizational accounts, no grace period.
One person crosses the line, and everyone pays the price.
Such logic isn’t unheard of in security contexts — many cloud providers batch-handle related resources when they detect malicious behavior. But the key difference is: AWS, before banning your account, issues warnings, involves a Trust & Safety team, and provides an appeal window. Anthropic’s approach this time seemed more like an automated script run to completion — with no one following up afterward.
12 hours, no response.
24 hours, no response.
36 hours, still no response.
A 110-person company’s workflow came to a standstill; their productivity tools became a wall. All they could do was wait.
Not the First Time
Anthropic account bans have long been discussed in the developer community. But this time, it caught public attention because the issue escalated from an “occasional personal incident” to a “systemic enterprise-level risk.”
Looking back over the past year, similar events form a clear timeline:
- August 2025 — A user reported in GitHub issue #5088 that right after paying $100 for a Claude Code Max 5x monthly plan, they received the error “This organization has been disabled.” Attempts to contact Anthropic via email, appeal form, and support portal all went unanswered.
- October 2025 — Another user posted for help: after renewing a MAX subscription, their account was immediately banned, receiving only the vague conclusion “violation of Usage Policy” with no specifics.
- April 2026 — OpenCode users widely reported service failures after logging into their Claude subscriptions via OAuth; some users upgrading to Claude Max were suspended outright.
- Same month — OpenClaw founder Peter Steinberger publicly complained that his Claude account was suspended for “suspicious activity.”
Anthropic’s own data speaks volumes. According to its Transparency Hub update in January 2026, from July to December 2025 alone, Anthropic banned 1.45 million accounts, received 52,000 appeals, and reversed 1,700.
That’s an appeal rate of about 3.6% and a reversal rate of about 3.3%. This means the vast majority of banned users never appealed — not necessarily because they were guilty, but more likely because they thought appealing wouldn’t help or didn’t know how to.
And behind each of those 1,700 reversals lies a wrongly punished user, a disrupted workflow, and a wrongly charged bill.
The Real Core Issue: Billing After Ban
If accounts were merely banned, the incident might be seen as “overly strict risk control.” A security company would rather err on the side of caution — crude but somewhat logical.
But continuing to bill APIs for frozen accounts is a different matter entirely.
Imagine your company runs an automated pipeline that calls Claude’s API for data processing, document generation, and code review. When an account is suspended, those outbound API requests don’t automatically stop — they continue being sent and billed, only to return error responses. You’re paying for a service you can’t use.
It’s like your apartment complex cutting off water and electricity but keeping the meters running — and sending you the bill at month’s end.
For a 110-person company deeply integrated with Claude’s API, what do 36 hours of downtime mean? Project delays, missed client deliveries, idle teams. The hidden costs far outweigh the API bill itself.
And Anthropic’s 36-hour response?
Silence.
The “Original Sin” of Third-Party Tools
Anthropic has not publicly disclosed the reason for this latest ban, but recent events suggest a broader trend: Anthropic is systematically tightening control over third-party tools that call Claude.
Thariq Shihipar from the Claude Code team recently stated on social media that Anthropic has boosted defenses to block third-party tools pretending to be official Claude Code clients. His reasoning: such traffic lacks retrievable telemetry, making debugging, rate limiting, and support difficult.
In plain terms: “If you use a third-party tool to access my model, I can’t see what you’re doing — so I’m not letting you.”
Not entirely unreasonable, but the execution raises issues:
- Rule changes weren’t communicated adequately. Many developers built workflows based on previous rules and documentation. Changing rules abruptly disrupts those workflows.
- Bans lacked precision. Users of third-party tools, official tools, or none at all — all were swept up together.
- Appeal channels were ineffective. A 36-hour silence is unacceptable for enterprise-level SLA standards.
Ruby on Rails creator DHH delivered sharp criticism, accusing Anthropic of deliberately blocking tools like OpenCode to funnel developers toward its own Claude Code. He called it “cutting off oxygen,” comparing Anthropic’s strategy to Microsoft’s early-era lock-in tactics.
Still, DHH left room for reconciliation, saying trust could be repaired if Anthropic promptly revises its policies. He publicly urged CEO Dario Amodei to confront the issue.
The Platform Risk of Closed-Source AI: Your Productivity Is Not Yours
This incident deserves attention not just because one company was banned, but because it exposes a structural problem in the closed-source AI ecosystem:
When you build your core productivity on a closed AI platform, you surrender control of your fate to its risk algorithms.
Model capabilities belong to the platform. Oversight, interpretation, and pricing power belong to the platform. Rule changes happen entirely on the platform’s terms. You’re a user — but with no bargaining power.
It’s reminiscent of the mobile app ecosystem a decade ago. App Store or Google Play could remove apps or ban accounts at will; developers had nowhere to turn but the appeals process. The difference is, if your app is delisted, your company still functions. But if your AI workflow is cut off, and your team depends on that workflow, you effectively stop production.
More alarmingly, the risk is asymmetric. Anthropic banning one 110-person client hardly dents its revenue; but for that company, it could mean a total operational collapse.
What Should Developers Do?
This incident rings a wake-up call for all AI API-dependent teams. Some practical takeaways:
1. Don’t Put All Your Eggs in One Basket
Basic but often ignored. If your entire workflow depends on one model vendor, you’re running bare. Always have a fallback plan — a backup model you can switch to in minutes when the main one fails.
Model performance gaps are shrinking fast. GPT, Claude, Gemini, DeepSeek — most can handle similar tasks. Instead of deep-locking into one provider, design architecture abstraction so models become swappable components.
API aggregation services like OpenAI Hub shine here — one key for multiple models, near-zero switching cost. When one provider fails, your business won’t.
2. Monitor Your API Spending
The “billing after ban” issue essentially stems from API requesters not linking status checks to account state. It’s wise to add a health-check layer: if N consecutive requests return authentication errors, automatically halt calls and raise alerts. Don’t let money burn unnoticed.
A simple safeguard idea:
# Simple API health check and automatic circuit breaker
import time
class APICircuitBreaker:
def __init__(self, failure_threshold=5, reset_timeout=300):
self.failure_count = 0
self.failure_threshold = failure_threshold
self.reset_timeout = reset_timeout
self.last_failure_time = None
self.is_open = False
def record_failure(self, status_code):
# 401/403 usually indicate account-level issues
if status_code in (401, 403):
self.failure_count += 1
self.last_failure_time = time.time()
if self.failure_count >= self.failure_threshold:
self.is_open = True # Trigger breaker
# Send alert
notify_team("API auth failures detected, circuit breaker open")
def can_proceed(self):
if not self.is_open:
return True
# Retry after cooldown period
if time.time() - self.last_failure_time > self.reset_timeout:
self.is_open = False
self.failure_count = 0
return True
return False
3. Keep an Eye on Open-Source Model Progress
Not saying you should switch immediately, but keep watch and adopt gradually where suitable. Google’s launch of Gemma 4 this month shows open models are reaching practical competence in understanding and code tasks. Meta’s Llama series, DeepSeek, and Qwen are also evolving quickly.
For data-sensitive or high-availability use cases, local deployments of open models may be more reliable — you won’t wake up to find everyone locked out.
4. Judge Vendors by SLA, Not Just Model Power
AI vendor selection isn’t only about performance benchmarks. Response time, appeal channels, enterprise support, and SLA guarantees often matter more when things go wrong.
Judging by this incident, Anthropic’s enterprise support system is clearly not ready for large-scale corporate clients. A 36-hour non-response is a failing grade for a company courting enterprise markets.
Anthropic’s Dilemma
At its core, Anthropic faces a contradiction of its own making.
On one hand, Claude’s models are genuinely strong — code generation, long-context comprehension, reasoning — developers consistently rank it among the best. That’s why, despite frequent bans, many still return after venting.
On the other hand, Anthropic brands itself as the AI safety company. Safety is its mission statement, its Super Bowl tagline, even its training methodology’s core value.
But “safety” shouldn’t mean “brutality.” A truly safety-conscious platform should have clear rule boundaries, transparent enforcement standards, efficient appeal channels, and fast correction for false positives — not mass bans, templated emails, and 36-hour silences.
In DHH’s words, Anthropic currently looks more like “cutting off oxygen” than “ensuring safety.”
1.45 million bans, 52,000 appeals, 1,700 reversals — behind those numbers lies a still-immature governance system.
Final Thoughts
This won’t be the last such incident. As long as closed-source AI platforms hold unilateral power, similar crises will repeat. The only question is whether the next victim will be a 110-person company or a 1,100-person one.
For developers, pragmatism is key: not boycotting a specific platform, but architecting redundancy, negotiating safeguards, and internalizing one truth: the AI tools you use may never truly be yours.
As for Anthropic, the ball’s in its court. Claude’s model strength gives it room to err — but that room isn’t infinite. As competitors close the capability gap, if your governance model still amounts to “ban first, explain never,” even loyal developers’ patience will eventually run out.
References
- Claude “nuked the repo”: a 110-person company banned by Anthropic, but billing continues — Original discussion post on Linux.do with detailed firsthand account
- OpenCode users report Claude subscriptions being suspended — iThome report detailing Anthropic’s crackdown on third-party tool calls and public criticism from DHH and others



