The U.S. government prohibits foreigners from using Fable 5, Anthropic issues a rebuttal

Author: Xiong Lei

Editor: Xu Qingyang

On June 12, local time in the United States, a rare confrontation between government and enterprise regarding AI regulation suddenly erupted this Friday.

The U.S. government issued an export control directive to Anthropic, citing national security, demanding an immediate suspension of all foreign entities' access to the AI models Fable 5 and Mythos 5. This directive has a broad scope, applying not only to foreign users outside the United States but also to foreign citizens within the U.S., including foreign employees within Anthropic.

As a compliance measure, Anthropic had no choice but to completely shut down access to these two models for all users—this is currently the only feasible solution to ensure compliance, as the company cannot technically distinguish between "foreign entities" and "U.S. citizens" within its user base. Access to other models from the company remains unaffected, and users will automatically revert to Claude Opus 4.8.

This emergency halt came as a surprise. Fable 5 and Mythos 5 were officially released on June 9, just three days prior. The sudden removal of these two models has caused widespread shock in the tech and AI communities.

01 What Are the Two Models

To understand the core tension of this incident, it is essential to know what Fable 5 and Mythos 5 are and why they have been under regulatory scrutiny from the outset.

Mythos is a new model family from Anthropic that is superior in capability to the Opus series, representing the highest level of capability currently publicly deployable by Anthropic. The first Mythos model, Claude Mythos Preview, was released in April this year through the "Project Glasswing" initiative, with access strictly limited to a few partners due to its powerful capabilities in cybersecurity, making it unsuitable for broad release.

Fable 5 is the first Mythos-level model officially open to the public, surpassing all previously released models from Anthropic, achieving top-tier performance across nearly all benchmark tests in software engineering, knowledge work, visual understanding, scientific research, and more.

To facilitate public release, Anthropic equipped Fable 5 with dedicated security mechanisms— in high-risk areas such as cybersecurity, biology, and chemistry, the model will automatically block responses and revert to Claude Opus 4.8 for processing.

Mythos 5 is a version based on the same underlying model but equipped with fewer security protections, open only to previously approved institutions that had access to Project Glasswing, positioned as a professional tool for cybersecurity defenders and critical infrastructure operators. Both models are priced the same, at $10 per million input tokens and $50 per million output tokens.

02 The Trigger for the Directive

According to reports, U.S. Secretary of Commerce Howard Lutnick sent a letter to Anthropic CEO Dario Amodei on June 12, announcing that Mythos 5 and Fable 5 would be subject to export controls. The direct reason for this decision was another company's claim that it could "jailbreak" Mythos, raising alarms for the Trump administration regarding potential national security risks.

It is reported that the Trump administration had previously attempted to prevent Anthropic from releasing these two models but was unsuccessful—this led the government to subsequently adopt the more stringent measure of export controls.

In response to this sudden directive, Anthropic issued a rare and strongly worded lengthy statement, systematically refuting the government's rationale while complying with the directive.

Anthropic believes that the "jailbreak" evidence held by the government pertains only to a very narrow and non-generalizable attack method, essentially requiring the model to read specific code libraries and fix software vulnerabilities within them—this capability also exists in other publicly available models, including OpenAI's GPT-5.5, and is routinely used by cybersecurity defenders for normal system maintenance.

In the statement, Anthropic explicitly stated that if "the existence of a limited potential jailbreak" is used as a standard for recalling deployed commercial models, it would effectively halt the new deployment of all cutting-edge models across the entire industry. The company also emphasized that the government's action did not follow the previously publicly called-for transparent, fair, and fact-based legal procedures.

Anthropic stated that it would comply with the government's legitimate directive while actively working to communicate with the government to restore access as soon as possible, and would release more technical details within the next 24 hours. The company believes this incident stems from a misunderstanding and sincerely apologizes for the inconvenience caused to users.

Below is the full statement released by Anthropic titled "Statement on the U.S. Government's Directive to Suspend Access to Fable 5 and Mythos 5":

The U.S. government, under national security authority, issued an export control directive requiring the suspension of access to Fable 5 and Mythos 5 for all foreign citizens, regardless of whether they are inside or outside the United States, including foreign employees of Anthropic. The practical effect of this directive is that we must immediately shut down access to Fable 5 and Mythos 5 for all users to ensure compliance. Other Anthropic models remain unaffected.

We received this directive at 5:21 PM Eastern Time today. The letter did not specify the exact national security concerns. As we understand it, the government believes it has identified a method to bypass Fable 5's security protections, known as "jailbreaking." We reviewed a demonstration of this technique and found that it can only identify a small number of previously known, minor vulnerabilities. These vulnerabilities are relatively simple, and other publicly available models can discover the same issues without needing to jailbreak.

Anthropic articulated our stance on the security protections of Fable in a blog post released with the model, as follows:

We have established robust security mechanisms that significantly reduce the likelihood of Fable being misused for tasks related to cybersecurity. In fact, some users have reported that our protective measures are overly stringent.

In the weeks leading up to the release of Fable, Anthropic collaborated with the U.S. government, the UK AI Safety Institute, several third-party organizations, and internal teams to conduct thousands of hours of red team testing on Fable's security protections. The test results indicate that Fable's security protections are significantly better than any previously deployed models.

To date, no testers have been able to find a "universal jailbreak" method—a method that can comprehensively breach model security protections and unlock extensive cyber attack capabilities.

We believe that currently, no model provider can achieve perfect jailbreak protection. All protective mechanisms in the industry are susceptible to being breached by "non-general jailbreaks" (i.e., obtaining partial network information under specific circumstances), and a universal jailbreak method may emerge in the future. We made this clear at the time of Fable 5's release.

Given that perfect jailbreak protection is currently unfeasible, Anthropic has adopted a layered defense strategy for Fable 5. Our goal is to make jailbreak attacks either very narrow in scope (targeting non-general jailbreaks) or very costly (targeting general jailbreaks), supplemented by comprehensive monitoring to quickly detect and contain any successful attacks. This is also why Anthropic requires customer data to be retained for 30 days—although this policy has had a tangible impact on our customer relationships, it helps us study and respond to jailbreak risks.

We stand by this layered defense strategy. It effectively reduces the risks posed by Fable, making them comparable to the risk levels of existing deployed models in the industry.

So far, we have not received any formal disclosures regarding non-general jailbreaks that could lead to harmful consequences. The potential jailbreak cases disclosed to us are either completely harmless or only represent minor findings that do not reflect the unique capabilities of Mythos.

Currently, the U.S. government has only provided us with verbal evidence regarding a potential, limited non-general jailbreak method, which essentially requires the model to read specific code libraries and fix software vulnerabilities within them. As we understand it, this potential jailbreak method has been shared with the government. We reviewed a report—we believe this report constitutes the basis for the government's issuance of the directive—and have verified that the capability level demonstrated in the report is also commonly found in other models (including OpenAI's GPT-5.5) and is routinely used by cybersecurity defenders for system maintenance. We will release more details within the next 24 hours.

We will comply with the government's legitimate directive and shut down access to Fable 5 and Mythos 5 for all users. However, we do not agree that the discovery of a limited potential jailbreak method is sufficient reason to recall a commercial model that has been deployed to hundreds of millions of users. If this standard were applied across the industry, it would effectively halt the new model deployments of all cutting-edge model providers.

We have publicly stated that the government should have the authority to prevent unsafe model deployments based on transparent, fair, clear, and fact-based legal procedures. This action did not adhere to those principles.

We sincerely apologize for the inconvenience caused to users. We believe this incident stems from a misunderstanding and are actively working to restore access as soon as possible.