Skip to content
News Regulation

US government orders Anthropic to shut off Fable 5 and Mythos 5 worldwide, citing claimed jailbreak

ยท by Pondero Newsdesk

The short version

The US government issued an export control directive on June 12, 2026, ordering Anthropic to immediately disable Claude Fable 5 and Mythos 5 for all users worldwide. Anthropic complied but published a detailed rebuttal disputing the technical basis.

US government orders Anthropic to shut off Fable 5 and Mythos 5 worldwide, citing claimed jailbreak

The US government delivered an export control directive to Anthropic on June 12, 2026, at 5:21 PM ET, ordering the company to immediately disable Claude Fable 5 and Claude Mythos 5 for every user worldwide. Anthropic shut both models off within hours, then published a point-by-point rebuttal calling the government's technical basis flawed.

What happened

The directive arrived framed as an export control action, restricting foreign nationals from accessing the models. Because compliance required blocking all foreign-national access, including foreign-national Anthropic employees, the practical result was that Anthropic had to disable Fable 5 and Mythos 5 for all customers everywhere. Access to every other Anthropic model remained unaffected, per Anthropic's statement.

The government's stated concern, as Anthropic understood it, was a claimed jailbreak of Fable 5. The letter Anthropic received did not provide specific details of the national security concern. Government representatives subsequently offered verbal evidence of a "potential narrow, non-universal jailbreak," which Anthropic described as a technique that prompts the model to read a specific codebase and identify software flaws.

Anthropic reviewed what it believes was the basis of the directive. Its conclusion: the capability on display is already widely available in other publicly deployed models. The company cited OpenAI's GPT-5.5 as one example. It also noted that cybersecurity professionals use this class of technique daily for defensive purposes.

Anthropic's technical rebuttal

The company's public statement went further than a simple denial. Anthropic laid out the safeguard architecture behind Fable 5, explaining that its strongest protections operate through independent classifier systems that function separately from the model itself. A user who talks the model past a refusal does not thereby bypass the underlying classifiers, the company argued.

Anthropic said it has not received disclosure of a universal jailbreak, meaning a bypass that broadly unlocks a wide range of dangerous capabilities. The company said it had stated at launch that perfect jailbreak resistance is not currently achievable for any model provider, and that it had adopted a defense-in-depth strategy with this expectation in mind. That strategy included mandatory 30-day data retention for Mythos-class traffic, a policy Anthropic acknowledged carries real costs with customers, specifically to enable monitoring and rapid mitigation if serious attacks emerge.

The company's summary position: "We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people. If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers," per the Anthropic statement.

Context

Fable 5 had been publicly available for roughly three days before the directive arrived. It launched June 9, 2026, as a version of Mythos 5 fitted with classifier-based guardrails, giving general users access to Mythos-class capability for the first time. Coverage of the launch and its context is at Pondero's June 10 report on the Fable 5 and Mythos 5 release.

Mythos 5, in parallel, had been distributed only to a small set of vetted partners through Project Glasswing since April. Those organizations, which include Amazon, Apple, Google, Microsoft, and CrowdStrike, have been using Mythos for defensive cybersecurity work. According to TechCrunch's June 12 reporting, Mythos identified security flaws in every major operating system and web browser Anthropic tested, which prompted the restricted release model in the first place, per TechCrunch.

The government's action creates an ironic loop: Anthropic's own transparency about Mythos's cybersecurity power, which the company promoted as evidence of responsible restraint, appears to have drawn exactly the regulatory scrutiny that led to the shutdown. OpenAI CEO Sam Altman had gestured at this dynamic in April, describing Anthropic's handling of Mythos as "fear-based marketing," per TechCrunch's April coverage.

Anthropic also noted in its statement that it believes the government should have authority to block unsafe deployments, but through a "statutory process that is transparent, fair, clear, and grounded in technical facts." The company said the current action does not adhere to those principles and characterized the shutdown as a misunderstanding.

Who is affected

Any user relying on Claude Fable 5 or Mythos 5 as of June 12 lost access without advance notice. That population includes general API users, Claude.ai subscribers who had access to Fable 5 under the included-at-no-extra-cost period that was set to run through June 22, enterprise customers, and the roughly 50 Project Glasswing partner organizations using Mythos for cybersecurity work.

Developers building on Claude Code who had integrated Fable 5 as a backend model are affected as well. Claude Code is one of Anthropic's highest-profile products; the abrupt removal of its most capable available model mid-workflow is a concrete operational disruption for teams that had already adopted it.

All other Claude models remain available. That means Claude Sonnet, Claude Haiku, Claude Opus 4.8, and the Mythos Preview version remain accessible to API and subscription users, though Mythos Preview was already tightly restricted to Project Glasswing partners.

Why it matters

This is the first reported instance of a US government export control directive targeting a specific commercial AI model for immediate global shutdown. The mechanism used, export control authority rather than a standard regulatory process with advance notice, allowed the government to act without the kind of public comment or statutory transparency process Anthropic says it expected.

The precedent question is real. If a narrow, non-universal jailbreak is sufficient grounds for a global model recall, every frontier model provider faces the same theoretical exposure. Anthropic said it believes this standard, if applied consistently across the industry, would halt new model deployments across all frontier providers.

The episode also puts Anthropic in an unusual position ahead of its widely anticipated IPO. The company's public identity centers on safety-first development. The government used that same language about safety risks to justify pulling two of its three most capable products from the market. That tension is not easily resolved in investor communications.

What to watch next

Anthropic said it is working to restore access "as soon as possible" and would share more technical details within 24 hours of the statement's publication. The two concrete outcomes to watch are whether the company obtains an emergency court stay reversing or pausing the directive, and whether OpenAI, Google, or other frontier model providers face similar export control scrutiny given that Anthropic's rebuttal explicitly names GPT-5.5 as having comparable capability on the technique the government flagged.

Sources