On June 12, 2026, the US Commerce Department sent a letter to Anthropic CEO Dario Amodei ordering the company to cut off foreign national access to its two newest AI models — Claude Fable 5 and Claude Mythos 5 — under export control authority. The directive arrived at 5:21 PM Eastern Time. By that same evening, Anthropic had disabled both models for every customer worldwide to comply.
Fable 5 had been publicly released only three days earlier, on June 9 — and Mythos 5 had been available exclusively to a small group of vetted partners through Anthropic’s Project Glasswing programme. The suspension affected all users, not just those outside the US.
The 72-Hour Window: Fable 5 Went Public, Then Got Pulled
Fable 5 sits inside Anthropic’s new Mythos capability tier — one level above its existing Opus-class models. The company describes Mythos-class models as particularly capable at discovering and chaining together software vulnerabilities across a full attack lifecycle, which it calls “agentic hacking.” Fable 5 was the public version of this technology, with a layer of AI classifiers designed to redirect dangerous queries to the less capable Claude Opus 4.8. Anthropic’s Opus 4.8 remains unaffected by the suspension.
Mythos 5 — the same underlying model without the cyber capability restrictions — was made available only through Project Glasswing, in coordination with the US government. Both are now offline.
From Launch to Lockout: A Timeline
“We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people. If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers.”
What the Government Said, What Anthropic Verified
Bypassing the guardrails
Fable 5’s cyber capabilities are blocked by a separate AI classifier that watches for misuse. A “jailbreak” is a technique that gets past this classifier — allowing access to the underlying Mythos-level capabilities including vulnerability discovery, exploitation, and agentic cyber attack chains.
UNIVERSAL A universal jailbreak defeats the safeguards broadly, unlocking a wide range of capabilities. Anthropic says no tester found one across 1,000+ hours of red-teaming.
NON-UNIVERSAL A narrow jailbreak works only in specific circumstances. Anthropic says the government’s concern appears to be this type — essentially prompting the model to read a specific codebase and fix software flaws.
What triggered the directive
According to reporting by Axios, another company told the US government it had found a way to jailbreak Mythos — alarming national security officials. Commerce Secretary Howard Lutnick sent the export control letter to Anthropic after the administration had earlier tried, unsuccessfully, to get Anthropic to pause the release of Fable 5 and Mythos 5 before launch.
The directive said access to Fable 5 and Mythos 5 would now require an export licence for transfer to any location outside the US, and to all foreign persons within the country. The letter did not include specific details of the national security concern.
Anthropic’s technical rebuttal
Anthropic says it reviewed what it believes to be the report the government used as the basis of its directive. Its conclusion: the jailbreak was narrow, not universal, and the capability it unlocked — reading a specific codebase and identifying software flaws — is already available from other publicly deployed models, including OpenAI’s GPT-5.5, without requiring a bypass at all.
Anthropic stated it had not received evidence of a concerning jailbreak leading to a harmful result. The company says it is complying with the legal directive while believing the action to be “a misunderstanding,” and is working to restore access. It also maintained its 30-day data retention policy for Fable users — a measure designed specifically to help detect and shut down any successful attacks quickly.
Wider reactions
The European Union, which had gained access to Mythos earlier in June after weeks of negotiations, said the suspension further underlined “Europe’s need for technological sovereignty.” Thomas Regnier, spokesman for the European Commission, said the bloc was “assessing” the situation.
Gina Neff, Professor of Responsible AI at Queen Mary University London, told the BBC the decision could limit safe testing of AI systems and restrict collaboration with governments. She also cited UK AISI findings on the model’s ability to exploit cyber defences — findings that applied to Mythos Preview, the model’s pre-release version. She described it as a “step change in capability in cyber security.” You can follow ongoing AI safety developments across the industry as this dispute continues.
How Fable 5 Was Built to Contain Itself
Fable 5’s classifiers were designed to block the most dangerous capabilities. The bars below reflect Anthropic’s pre-suspension evaluation data on classifier effectiveness across threat categories.
Source: Anthropic Fable 5 launch documentation. Evaluations ran with classifiers set to block rather than fall back; no safeguard evasion attempts were made during testing. The 95%+ figure is Anthropic’s own early deployment data.
Anthropic’s strategy with Fable 5 was deliberate: rather than refusing harmful queries outright, it built a classifier layer that routes flagged requests — covering cybersecurity, biology and chemistry, and AI model distillation — to Claude Opus 4.8. Users are notified when this happens. In over 95% of sessions, no fallback occurs at all.
The company acknowledged from launch that perfect jailbreak resistance is not possible for any model provider, and it aimed instead to make jailbreaks either very narrow or very expensive to produce — combined with monitoring that can quickly detect and respond to successful bypasses. Anthropic required 30-day retention of customer data specifically for this purpose, a policy the company acknowledged carried real costs with enterprise customers.
Fable 5’s launch also followed thousands of hours of red-teaming in cooperation with the US government, the UK AISI, and third-party security organisations. No universal jailbreak — one capable of broadly bypassing the safeguards — was found. The UK AISI did make early progress toward one, Anthropic disclosed, but stopped short of producing a working universal bypass.
“We’re in uncharted territory at this point. People within the AI industry have been warning us that these tools are getting better very rapidly and that we have to be able to build up capabilities to keep our companies safe from cyber attacks.”
A Dispute That Started Long Before June
This export control directive did not arrive in isolation. The Anthropic–US government dispute began in February 2026, when Anthropic refused Pentagon demands to remove two specific safeguards from Claude: one preventing its use for mass domestic surveillance of Americans, and one blocking fully autonomous weapons systems. Anthropic said it would support all other lawful uses of AI for national security.
When negotiations failed, Defense Secretary Pete Hegseth announced the supply-chain risk designation on X — a label historically used for companies based in adversarial foreign nations. President Trump simultaneously directed all federal agencies to stop using Anthropic’s products, calling the company “radical left” and “woke.” Anthropic filed federal lawsuits challenging the designation as “unprecedented and unlawful,” and a judge later blocked the Pentagon from enforcing it while the case continues.
The broader AI investment landscape adds further weight to the suspension. Anthropic was valued at $965 billion in its most recent funding round and has confidentially filed for a public listing. The export control action introduces uncertainty for investors evaluating whether Anthropic can sustain cutting-edge model deployments while managing ongoing government friction. Competing AI firms face a different set of government relationships, making the dispute a unique challenge for Anthropic’s market position.
Meanwhile, the European Commission used the suspension to push its own AI sovereignty agenda, which this month included measures to reduce dependence on American and Asian AI infrastructure. The episode also adds to a wider debate around physical AI and large-scale infrastructure investment as governments and companies try to define where national security ends and commercial AI development begins.
This article covered the US Commerce Department’s June 12, 2026 export control directive requiring Anthropic to suspend access to Claude Fable 5 and Claude Mythos 5 for all foreign nationals — a measure that led the company to disable both models for all customers worldwide. The directive cited national security authorities but provided no specific details of its concern.
The background to the directive — including the Pentagon’s supply-chain risk designation, Anthropic’s subsequent lawsuits, and the ongoing dispute over mass surveillance and autonomous weapons safeguards — was also covered, along with Anthropic’s technical position on the jailbreak that reportedly triggered the government’s action.
Anthropic has stated it is working to restore access. Access to all other Claude models, including Claude Opus 4.8, was not affected by the directive. The company’s full statement is available at anthropic.com.
