U.S. blocks Fable 5 and Mythos 5 for everyone: What citizenship export controls mean for Anthropic users
Main chat
A chat for vibe coders: news, guides, live cases, marketplace, and finding executors.
On June 12, 2026, at 17:21 ET, Anthropic received a document from the U.S. government that led to an unprecedented decision: the Claude Fable 5 and Claude Mythos 5 models are disabled for all users around the world – including paying customers in the United States, and including the company’s own employees who do not have U.S. citizenship.
This is the first time a government has restricted access to an AI model based on a user’s citizenship – rather than their country of location. The difference is fundamental, and it led to the fact that the model was turned off for everyone.
What happened: chronology
The U.S., citing national security authorities, has issued an export control directive requiring the suspension of all access to Fable 5 and Mythos 5 for any foreign national, both inside and outside the U.S., including foreign nationals working for Anthropic. >
The directive came without giving specifics: the letter did not disclose details of national security concerns. By Anthropic’s own understanding, the government has learned about a way to bypass Fable 5’s defense mechanisms: jailbreaking. >
According to Axios, a letter from Commerce Secretary Howard Lutnick requires licenses to export, re-export or domestically transfer Fable 5 and Mythos 5. The document applies to foreign nationals working inside the U.S., not just accounts connecting from abroad. >
Anthropic had 90 minutes to restrict access to Fable 5 before the White House began to fear access from China. >
Since the company physically does not have the infrastructure to verify citizenship in real time - the passport is not checked by login in Claude - the only technical solution left is to completely disable models for everyone. <cite index="14-1" Since Anthropic does not have the infrastructure to verify citizenship in real time, the company took the radical step of disabling both models for all users around the world to ensure compliance. >
Access to less powerful Claude models, including the latest Claude Opus 4.8, will not be affected. >
Why: The story of one jailbreak
To understand what is happening, we need to remember the context: Fable 5 is a public version of the Mythos model, which is not available to ordinary users in the field of cybersecurity. Security classifiers were supposed to block the use of Mythos cyber capabilities through the Fable interface.
According to David Sachs, co-head of the Presidential Council on Science and Technology and a former AI adviser to the administration, the U.S. government warned Anthropic that Claude Fable 5 had been hacked and that CEO Dario Amodei refused to fix the vulnerability or recall the model. >
Sachs claims that a trusted partner of both Anthropic and the U.S. government who tested Fable discovered a jailbreak of protective barriers that separate the consumer model from the unlimited cyber capabilities of Mythos, the model on which Fable is built. >
When Anthropic CEO Dario Amodei was informed of the vulnerability, he claimed that jailbreak posed no serious risk. Sachs further stated that Anthropic refused to fix the problem. >
According to a source close to the White House, the vulnerability was reported to the government by Amazon — CEO Andy Jassy personally contacted members of the administration on this issue. >
Sachs said the administration had issued export controls "reluctantly" after the waiver, that it wanted to lift the cap after removing the jailbreak, and that "the ball is on Anthropic's side." >
Anthropic version: jailbreak is not universal
The company publicly disagrees with the treatment of the situation as critical.
Anthropic said it considers the jailbreak mentioned by the government to be narrow — opening up Mythos’ cyber capabilities only in one particular case, rather than a universal bypass that would defeat all of Fable 5’s protective barriers. The company also said the same result could be obtained from other publicly available models. >
<cite index="20-1" Anthropic’s public position: circumvention is narrow and non-universal, essentially boils down to the fact that models are asked to read the codebase and find software flaws – and the same result can be obtained on other public models, including GPT-5.5 from OpenAI. The company said it did not agree that the discovery of a narrow potential jailbreak should cause the recall of a commercial model deployed to hundreds of millions of people. >
Sachs rejects this, arguing that circumvention, which allows the operation of cyber weapons, is difficult to define as anything but serious. >
This is the essence of the conflict: one side considers jailbreak a niche technical incident, the other – a potential tool for cyber attacks in the wrong hands.
Chinese trail: another version of motivation
In parallel, a second, more disturbing version of what is happening appeared.
Semafor, citing a source familiar with the matter, said the White House acted in part because of concerns that a China-linked group had gained access to Mythos. <cite index="13-1" This raises the possibility that the model could have been reverse engineered or distilled. >
<cite index="17-1" If confirmed, this would be a significant development in a broader debate about the national security risks posed by China’s access to American AI models. >
Anthropic denies this version: a company representative said that the White House did not raise the issue of Chinese access to Mythos in conversations around jailbreak and export controls, and that Anthropic is blocking access to its products from China. >
Divergent versions are not permitted publicly. It is possible that both the jailbreak and concerns about China acted simultaneously and reinforced each other in the administration’s decision.
Anthropic's reaction: "We consider this a misunderstanding"
The tone of the company's official statement is markedly different from the usual security rhetoric Anthropic uses in other contexts.
"We have to abruptly disable Fable 5 and Mythos 5 for all of our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible.” >
The phrase “we believe that this is a misunderstanding” is a rare case of public disagreement of an AI company with a direct government order, accompanied by immediate compliance with the requirement.
Andy Jassy and the role of Amazon
Amazon, a major investor and cloud partner of Anthropic (via AWS), was a signal to the government.
Amazon has also reported a similar jailbreak flaw, and Amazon CEO Andy Jassey has reportedly communicated personally with members of the U.S. administration. >
This is an interesting nuance of corporate dynamics: a partner and a major investor of the company informed the state about the safety problem of the same company's product, before the company itself recognized the problem as critical.
What does it mean technically and legally
"Deemed export" - an unusual application of a long-standing norm
The logic resembles "deemed export." According to 15 CFR 734.13, the transfer of controlled technology or source code to a foreign person located in the United States can count as an export to his country of citizenship or residence. >
This rule has existed for decades in relation to physical technologies and classified developments. Applying it to cloud API access to a language model is a precedent that has no clear historical basis.
Why citizenship blocking is technically impossible selectively
Blocking by country is technically familiar: providers can combine IP geolocation, payment addresses, cloud regions, account verification and sanctions lists to restrict access from specific locations. Blocking every foreign national inside the U.S. is a different task, because location does not establish citizenship. >
<cite index="13-1" To continue serving only the right customers in the U.S., Anthropic and its distribution partners would need a reliable way to verify each user’s citizenship – an infrastructure no AI company has today. >
It was this technical impossibility of selective verification that led to the total shutdown of models for all, rather than a selective restriction.
Reaction: What observers say
The parallel with export controls on hardware is indicative: non-US companies have long faced significant obstacles in acquiring the most advanced GPUs from Nvidia. The spread of a similar logic to model access marks a significant escalation. >
<cite index="14-1" If this policy continues or expands, we may see access to cutting-edge models increasingly tied to citizenship or its verification — not just in Anthropic, but potentially in OpenAI, Google, xAI and others. China and other countries could respond with their own restrictions to top-end models, accelerating the move toward “sovereign” or regionally isolated AI systems. >
This is a key long-term risk: the precedent set by one directive against one company is potentially a game-changer for the entire industry.
What next
Anthropic will reportedly meet with the White House in Washington on June 22, 2026. >
<cite index="26-1" The administration’s hope now is that Anthropic will fix the security issue, export controls will be removed, and Fable will return to public access. >
Mythos 5 has lighter or smaller restrictions and is only available to trusted organizations and partners, for example, through programs like Project Glasswing for work in the field of cybersecurity. This part of the ecosystem continues to operate in limited mode in parallel with the public scandal surrounding Fable.
What does it mean for users right now
If you are using Fable 5 or Mythos 5, access is disabled regardless of your nationality, location or plan. This is not a selective restriction, but a complete shutdown of models.
The Claude Opus 4.8 and the rest of the Anthropic line-up are operating unchanged – the export directive applies exclusively to the Mythos class.
For developers who have integrated with the Fable 5 API in production, a temporary rollback on Opus 4.8 is required until the situation is resolved. Given the White House meeting is set for June 22, it's wise not to count on a quick return of models.
Context: This is not the first Fable 5 crisis
This is the second major security incident around Fable 5 in a week since its release. Earlier, the Pliny the Liberator researcher publicly demonstrated his own bypass of the model’s protective classifiers and published a leaked system prompt. Anthropic did not comment publicly at the time.
The current situation - with a closed report from a trusted partner that led to state export controls - is formally a separate incident. But both cases point to the same structural problem: the classifier-based protection architecture on top of the initially unlimited Mythos model proved to be more vulnerable than Anthropic had anticipated at launch.
*The article is based on Anthropic's official statement, CNBC, Fortune, Axios (via TechTimes), Semafor, Tom's Hardware, Business Standard and David Sacks' posts in X. Updated June 16, 2026. The situation is evolving - watch for updates. *
