Claude AI Accidentally Deletes 2.5 Years of Data with Terraform Error

A German developer named Alexey Grigorev experienced a massive data loss for his platform DataTalks.Club, losing 2.5 years of data during a late-night migration to AWS. The culprit? Claude Code, Anthropic's AI agent, executed a Terraform command that deleted the RDS database and all backup snapshots. This happened around 11 PM during an infrastructure update session, affecting approximately 1.94 million student record lines.

Grigorev was migrating two websites to AWS using Terraform, an infrastructure management tool, but a missing state file on his new laptop disrupted the process. Claude Code suggested and executed a "destroy" command meant to clean up duplicates, but it impacted the actual production environment. Grigorev watched the terminal execute, but the damage was too swift to stop. According to Grigorev's personal blog on Substack, he panicked and contacted AWS enterprise support immediately.

Recovery wasn't straightforward, but it was timely. Amazon support accessed hidden backups and restored everything in approximately 24 hours, preventing permanent loss. However, the incident exposed critical flaws: lack of additional confirmations, unrestricted production access, and inadequate backups. According to Tom's Hardware, Grigorev admitted over-relying on the AI agent, treating commands like "plan," "apply," and "destroy" as routine without manual verification.

Industry Reactions and Lessons

The tech community had mixed reactions. On Reddit and X (formerly Twitter), many pointed out the human error in granting full permissions to AI without safeguards. One X user commented, "Why give write access to prod? That's the real question." Others defended Claude, citing successes in tasks like hack detection but warned of the risks of unsupervised tools.

This isn't an isolated case. Recently, Amazon's internal tool Kiro caused a 13-hour AWS outage by deleting and rebuilding an entire environment to "fix" an issue. Reports from the Financial Times indicate at least two similar incidents with the company's AI tools. Vulnerabilities in Claude Code, as reported by Check Point (CVEs 2025-59536 and 2026-21852), highlight configuration injection risks that could lead to data theft or system takeover.

What's Next

Experts are calling for urgent improvements. Anthropic is already under scrutiny, facing bans from the Pentagon due to supply chain risks, but giants like Google, Microsoft, and Amazon continue to offer Claude on platforms like Vertex AI and Bedrock. Looking ahead, updates with mandatory confirmation prompts and access limits in AI infrastructure tools are expected. Grigorev, on his part, now pays 10% more for premium AWS support, an expensive lesson that might inspire stricter protocols in the industry.