A US export control directive suspended Fable 5 and Mythos 5, Anthropic's most heavily safeguarded models, for all customers, including its own foreign national staff, after the government learned of a way to prompt around built in safety rules.
On June 12 at 5:21pm ET, the US government sent Anthropic an export-control directive, and within hours the company had disabled its two most advanced models for every customer worldwide, including, notably, its own foreign-national employees inside the US. The targets were Fable 5 and Mythos 5, Anthropic's frontier-tier models, launched with safeguards the company described as substantially more effective than any previously deployed model after thousands of hours of red-teaming with the US government, the UK AI Safety Institute, and third parties.
The directive applied to "any foreign national, inside or outside the US, including foreign-national Anthropic employees," per Anthropic's statement on the suspension. The company said the only way to comply was to cut off all customers. Other Anthropic models were not affected.
What actually triggered it? A "jailbreak," in AI terms, is a way of prompting a model that gets around its built-in safety rules. The government told Anthropic it had become aware of one such technique for Fable 5. The government cited national security authorities but did not provide specific details in the letter. Anthropic said it reviewed a demonstration of the technique and concluded it surfaced a small number of previously known, relatively simple vulnerabilities. Other publicly available models, the company added, can find those vulnerabilities on their own, without needing a bypass.
That last line matters. This was not a catastrophic break of a frontier system. It was a non-universal bypass of a model that was already among the best-defended in the field, and one that exposes vulnerabilities the rest of the field can already find. A wire read of "AI jailbroken" misses the point. A regulatory layer above the model treated that gap as worth pulling the plug on overnight.
The structural readout is the real story. Anthropic's own launch posture, that "perfect jailbreak resistance is not currently possible for any provider," was the predicate for what happened next, not an excuse. Frontier-AI safety was never going to live in the model layer alone. The scaffolding around the release, the deployment controls, the monitoring, and the export controls are the layers that do the work the model cannot. The suspension is what defense in depth looks like in production. It is also what it looks like when the regulatory infrastructure can close faster than the model layer can improve.
There is a harder second read. A regulatory lever pulled on a frontier lab overnight, with no specific national-security detail in the letter, is itself a story. That Anthropic's response reads as orderly does not make the directive uncontroversial, and constructive framing should not pretend otherwise. The model did what it was supposed to do, and the surrounding system still pulled it. That is the more honest read than either "safeguards failed" or "the system worked exactly as designed."
What to watch next: whether the government publishes the specific technique, whether the suspension is partial or permanent, and how other frontier labs respond when their own non-universal jailbreaks surface. Export controls have just become an active layer in the safety stack, not a remote one.
This account is built on Anthropic's own statement. The government has not yet published the specific technique or the national-security rationale, and the directive's scope and duration remain to be clarified.