Anthropic's DMCA Mess: What Happens When 8,100 Repos Go Down

Theo from t3.gg woke up yesterday to discover he'd been DMCA'd by Anthropic. Not for hosting the leaked Claude Code source that's been making rounds—for changing one word in a markdown file in his fork of the official, public Claude Code repository.

Let that sink in. A single-line change to a skills documentation file triggered a DMCA strike. His first ever on GitHub.

The absurdity would be funny if it weren't part of a larger pattern that's becoming harder to ignore: the DMCA, designed to protect platforms and rights holders, is increasingly weaponized—sometimes accidentally, sometimes not—in ways that punish legitimate developer activity.

The 8,100 Repository Problem

What makes this story interesting isn't just that Theo got caught in the crossfire. It's the scale. Anthropic's DMCA notice targeted a network of 8,100 repositories. That's not a typo. Eight thousand, one hundred repos went down simultaneously.

The intended targets were forks of the leaked Claude Code source—the actual proprietary code that accidentally shipped with source maps in a manual deployment (a deployment process Anthropic has since acknowledged should have been automated). But somewhere in the communication between Anthropic's lawyers and GitHub, something broke down catastrophically.

Instead of hitting just the leak-hosting repos, the notice appears to have swept up forks of Anthropic's official public repository—the one that only contains skills definitions and markdown documentation. The one that's meant to be forked. The one where Theo had submitted a pull request that changed literally one word.

"That was an erroneous and arguably illegal Digital Millennium Copyright Act enforcement," Theo notes in his video. And he's right—filing a false DMCA claim is illegal under US law, though it's rarely prosecuted.

The DMCA's Structural Vulnerability

To understand how this happened, you need to understand how the DMCA actually works. The law creates "safe harbor" provisions that protect platforms from liability when users post infringing content. If someone uploads Avengers: Endgame to YouTube, Disney can't sue YouTube—they have to go after the uploader.

But here's the catch: platforms are incentivized to act quickly on takedown requests without doing their own due diligence. The burden of proof starts with the accused, not the accuser. File a DMCA notice, and the content comes down. The recipient can file a counter-notice, but that triggers a two-week waiting period during which the accuser can decide whether to sue.

This structure makes sense when you're dealing with obvious copyright infringement. It makes less sense when you're dealing with developer communities where forking is fundamental to how work happens, where the line between derivative work and transformative work is genuinely fuzzy, and where a "network of repositories" might include both actual infringement and completely legitimate activity.

Theo points to the Nintendo/Dolphin emulator case as an example of DMCA abuse: Nintendo can target the emulator for including a 15-character decryption string that's required to play Wii games—even though reverse engineering is legally protected. The string itself is copyrighted, so any distribution including it triggers DMCA vulnerability.

What Actually Happened

By the time Theo finished his video, Anthropic had already filed a retraction. They restored access to all repos except the one actually hosting the leaked source and its 96 direct forks. Theo's fork came back. So did thousands of others, including a Rust rewrite of Claude Code using the leaked source that hit 100,000 stars in under a day—now the fastest-growing GitHub repo in history.

Anthropicemployees immediately went into damage control. "This was not intentional. We've been working with GitHub to fix it," wrote Boris Power, one of the Claude Code engineers. Another engineer, Thoric, characterized it as "a communication mistake."

The question is: who miscommunicated? Did Anthropic's legal team overshoot and request takedowns of repos they shouldn't have? Did GitHub misinterpret the request and enforce it too broadly? Were the lawyers on both sides so disconnected from the technical reality that nobody caught the 8,100 number and thought to double-check?

Theo acknowledges he doesn't know where the breakdown happened. "I don't know if GitHub sends the list of repos that they're going to take action on to Anthropic and their lawyers before doing it," he says. "I don't know where the communication breakdown happened here."

What we do know: it's unlikely Anthropic intentionally DMCA'd forks of their own public repo. The reputational damage would be catastrophic, and they had to know that. The speed of the retraction and the number of Anthropic employees engaging directly on Twitter suggests genuine panic, not malice.

The Blameless Culture Response

One unexpected bright spot in this mess: how Anthropic handled the post-leak communication. When someone asked if the developer who caused the leak was "still breathing," Boris's response was textbook good engineering culture:

"As a team, the important thing is to recognize it's never an individual's fault. It's the process, the culture, or the infrastructure. In this case, there was a manual deploy step that should have been better automated."

This is how incident response should work. Not assigning blame to individuals, but examining systems. Not scapegoating the person who pushed the button, but asking why it was possible to push that button in the first place.

Anthropicsoftware engineers have also been surprisingly transparent and human on Twitter—joking about the leak, tagging colleagues who built specific features, engaging with the community rather than hiding behind PR speak. It's exactly the approach Theo advocated in his previous video about the leak: let the people who built the thing be excited about the thing they built, even if the circumstances are chaotic.

The Fundamental Question Nobody's Asking

Here's where the story gets uncomfortable. Theo's conclusion, which I find hard to argue with: "All of this could have been avoided with a very, very easy strategy. Just open-source Claude Code."

The damage from keeping Claude Code closed source now demonstrably exceeds whatever competitive advantage that secrecy provides. The source leaked anyway. It's being rewritten in Rust and can't be taken down. Derivative works are protected. The Pandora's box is open.

But more than that: Anthropic has positioned itself to have as many catastrophic failure modes as possible. By keeping the code closed, they've created a situation where any leak becomes a crisis, where DMCA enforcement becomes necessary, where 8,100 repositories can be taken down by accident because the system for distinguishing legitimate forks from infringing ones doesn't—can't—exist at that scale.

"They have positioned themselves as a business to have as many unlucky opportunities as possible," Theo says. It's a sharp observation. Open source projects don't have this problem. When everyone can see the code, there's nothing to leak. When forking is expected, there's no ambiguity about what's legitimate.

The DMCA system assumes a clear line between authorized and unauthorized copying. Developer communities assume copying—forking, remixing, building on—is how progress happens. These assumptions are fundamentally incompatible, and no amount of careful lawyering will resolve that tension.

Anthropicfixed this particular mess quickly. They communicated well. They took responsibility at a systems level. But they're still fighting a war they chose, against a community that doesn't think it should be a war at all.

—Dev Kapoor