US Government Pulls the Plug on Fable 5 and Mythos 5 — Three Days After Launch

Three days after Claude Fable 5 launched to global acclaim, the U.S. government ordered it taken offline. On Friday evening, June 12, Anthropic received an export control directive at 5:21 p.m. ET instructing it to suspend all access to Fable 5 and Mythos 5 for any foreign national — anywhere in the world, including Anthropic's own foreign-national employees. 1 Because enforcing a foreign-national restriction without disabling the models entirely was not technically feasible, Anthropic pulled both models for all customers. Access to every other Claude model was unaffected.

The government did not provide specific details of its national security concern in the letter. Anthropic's stated understanding is that officials believe a method of jailbreaking Fable 5 has been identified. 2

Loading content card…

What the government says — and what Anthropic disputes

According to Anthropic, the government has shared only verbal evidence of a "potential narrow, non-universal jailbreak." The technique, as Anthropic describes it, amounts to asking the model to read a specific codebase and identify software flaws. 1

Anthropic's rebuttal runs on three tracks:

The capability is not Fable-specific. The same code-review task can be performed by other publicly available models, including OpenAI's GPT-5.5. Anthropic points to OpenAI's own deployment safety documentation as evidence.3
The behavior is used defensively every day. Security professionals routinely use AI-assisted code review to find vulnerabilities before attackers do. Treating this as a prohibited capability would, in Anthropic's framing, cripple defenders.
The safeguards are independent of the model. Fable 5's safety classifiers run as a separate system outside the model weights. Even when a user pushes past a conversational refusal, the classifier layer blocks the most dangerous outputs. No tester has found a universal jailbreak — one that broadly bypasses the safeguard architecture.1

Anthropic said it is complying with the directive but disagrees with the standard it sets: "If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers."

The irony built into Anthropic's safety strategy

To understand why this particular shutdown stings, it helps to recall how Fable 5 came to exist.

Anthropic spent three months after the April launch of Mythos Preview explaining — loudly and repeatedly — that the model was too dangerous to release broadly. Mythos could find previously unknown vulnerabilities in every major operating system and browser it tested. Rather than deploy it commercially, Anthropic built Project Glasswing, a controlled program sharing Mythos with roughly 50 vetted cybersecurity organizations including Amazon, Apple, Google, Microsoft, and CrowdStrike. 3

Fable 5 was the commercial answer: the same model weights, with classifier-based guardrails installed to make it safe for general release. Anthropic spent weeks before launch in joint red-team exercises with the U.S. government, the UK AI Security Institute, and multiple private third-party organizations. The tests found Fable's safeguards substantially more effective than any previously deployed model. None found a universal jailbreak.

The directive now appears to treat this candor as a liability. By being explicit about Mythos's capabilities, Anthropic attracted the kind of focused government scrutiny that OpenAI — which quietly ships models of comparable capability without the same public safety narrative — has largely avoided. TechCrunch's Connie Loizos put it directly: "When you spend months telling the world your AI is uniquely dangerous, the world — the U.S. government included — tends to listen." 3

Third-party benchmark data showing Claude Fable 5's lead on SWE-bench Verified, cited by TechCrunch in its June 12 coverage of the suspension — Fable 5 benchmark results from Vals AI, showing the model's performance edge at the time of its suspension. 3

Sam Altman had noted the dynamic in April, describing Anthropic's approach as "fear-based marketing." His framing has aged unexpectedly well.

The regulatory and IPO context

This is not Anthropic's first conflict with the federal government. In February, the Department of Defense declared Anthropic a supply chain risk after contract negotiations collapsed over two red lines. That designation — historically reserved for foreign adversaries — required defense contractors to certify they would not use Claude in military work. Anthropic sued the Trump administration to reverse the blacklisting; litigation is ongoing. 2

The June 12 export control directive sits in the same institutional pattern: a government that views Anthropic with structural suspicion using national security authority to constrain Anthropic's commercial operations.

The timing is material for investors. Anthropic filed a confidential S-1 with the SEC on June 1, targeting an IPO as early as October. The company disclosed its first profitable quarter and approximately $47 billion in annualized revenue. Two of its most capable commercial models are now offline indefinitely.

Anthropic has not disclosed how much revenue Fable 5 was generating in its three days of availability, nor what percentage of the enterprise pipeline was tied to Fable-class capabilities. The company says it is "working to restore access as soon as possible" but gave no timeline and acknowledged it has not received specific technical details from the government that would let it develop a targeted remediation.

What happens to affected users

Across Claude products, new sessions default to the user's previously selected model or fall back to Opus 4.8. Anthropic's other models — Opus 4.8, Sonnet 4.6, Haiku 4.5 — remain fully accessible. The June 22 deadline for Fable 5's inclusion in paid subscription plans is now functionally moot until access is restored.

Enterprise customers with contracts specifying Fable-class capabilities face a gap with no clear resolution date. The 30-day data retention requirement Anthropic introduced for Mythos-class traffic — a policy that generated commercial friction with several enterprise accounts — continues to apply to stored sessions, even though new sessions cannot be created.

For Project Glasswing participants, Mythos 5 access is also suspended. The organizations that were relying on Mythos for active defensive cybersecurity operations — the exact use case Anthropic argued justifies the model's existence — have lost access while the government resolves a dispute about whether that same use case is a threat.

Loading content card…

What this means going forward

Anthropic has publicly argued that governments should have the legal authority to block dangerous AI deployments, as part of a transparent, fair, and technically grounded statutory process. The June 12 directive, in Anthropic's own framing, is the opposite of that: verbal evidence, no technical disclosure, no formal process, and a standard — any non-universal jailbreak triggers a recall — that would apply to every frontier model currently deployed.

If the government's position holds, it creates a precedent that a narrow jailbreak of a model already more restricted than its competitors is sufficient grounds for a commercial shutdown. That standard would give regulators effective veto power over frontier AI product launches, exercised opaquely and without appeal.

If Anthropic's position holds and access is restored, the episode still leaves two durable costs: a demonstration that the company's safety communications can be turned into a regulatory liability, and a break in model access that hits enterprise customers who had begun integrating Fable 5 into production workflows.

The company said it plans to share more technical details in the next 24 hours. That disclosure, and the government's response to it, will determine whether this is a brief misunderstanding or a preview of the regulatory environment Anthropic will be navigating as a public company.