# US Directive Suspends Anthropic's Mythos and Fable Access > Source: > Published: 2026-06-18 14:23:58.722773+00:00 # US Directive Suspends Anthropic's Mythos and Fable Access According to Anthropic's June 12 statement, the US government issued an export control directive that "suspend[s] all access to Fable 5 and Mythos 5 by any foreign national," and Anthropic said it disabled access to both models for all customers to comply. Anthropic reported receiving the letter at **5:21pm (ET)** on **June 12** and said the government did not provide detailed explanation of its national security concern. The Wall Street Journal reports that researcher Nicholas Carlini demonstrated how Mythos could be used to find critical software vulnerabilities; TechPolicy.Press and other outlets report that concerns raised to the White House, including by Amazon CEO Andy Jassy, helped prompt the government's action. Editorial analysis: The episode exposes gaps in how government, industry, and security researchers coordinate around frontier models, creating operational and compliance risks for practitioners. ### What happened According to Anthropic's June 12 statement, the US government issued an export control directive to "suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees." Anthropic said it received the directive at **5:21pm (ET)** on **June 12** and that, to satisfy the order, it "abruptly disable[d] Fable 5 and Mythos 5 for all our customers." Anthropic also stated that "access to all other Anthropic models will not be affected." (Anthropic statement) The Wall Street Journal reports that researcher Nicholas Carlini demonstrated in March how the models could be used to discover critical vulnerabilities in widely used software, including a web-publishing system and Linux, which alarmed some government and industry actors. (Wall Street Journal) TechPolicy.Press reported that concerns raised by Amazon CEO Andy Jassy to the White House were among the triggers for the Department of Commerce letter, and that Anthropic disputed the notion that the demonstrated bypass constituted a universal jailbreak warranting a commercial recall. (TechPolicy.Press) Cybersecurity coverage framed the episode as a watershed moment: multiple outlets describe Mythos as unusually effective at finding vulnerabilities, and they report industry debate about how aggressively policymakers should intervene. (Cybersecurity Dive) ### Editorial analysis - technical context Observed patterns in similar episodes show that frontier models can materially change red-team and vulnerability-discovery workflows. Models with strong capability to surface exploitable issues compress the timeline between discovery and exploitation, raising both defensive value and misuse risk. For practitioners, that means threat modelling, disclosure pipelines, and tooling that assume human-limited discovery cadence may need reexamination. Industry-pattern observations: Public statements from Anthropic emphasize that the company and third parties conducted extensive red-teaming and that no tester had found a "universal jailbreak," a term the company used in its statement to describe broadly effective bypass methods. The company also noted that the specific bypass technique the government referenced resembled previously known, narrower vulnerabilities that other public models can elicit. (Anthropic statement) ### Context and significance Government export controls applied to specific models mark a substantive escalation in state involvement with AI deployment, moving beyond personnel and hardware controls toward software-access restrictions. Observers and outlets characterize the Commerce Department action as one of the most powerful examples to date of US intervention in the AI development and distribution cycle. (TechPolicy.Press, Wall Street Journal) For practitioners, the incident highlights two operational tensions: first, the difference between targeted mitigation and blunt access restrictions; second, the verification problem for external reviewers when the government cites national-security concerns without public technical detail. Both tensions complicate vendor risk assessments, third-party audits, and enterprise procurement decisions. ### What to watch - •Government filings and follow-up guidance: whether the Department of Commerce or other agencies publish technical criteria or narrowly scoped restrictions tied to exploit classes. - •Independent third-party testing regimes: reporting on whether qualified independent audits, as proposed in public policy debates, gain traction and what standards they adopt. - •Vendor and customer disclosures: how cloud providers, commercial customers, and vendors record and respond to abrupt model suspensions in contracts and incident response playbooks. - •Research community dialogue: whether vulnerability disclosure norms for ML-found flaws converge with established software vulnerability processes, including CVE coordination and exploit timelines. Editorial analysis: The Mythos episode will likely be treated as a reference case in future policy and corporate governance discussions, but public facts remain partial. Reported actions and demonstrations are clear; the underlying government rationale, technical thresholds for export controls, and the long-term operational consequences for model deployment remain open questions. ## Scoring Rationale A US export-control directive targeting commercial models is a major regulatory escalation with immediate operational effects for security teams, cloud vendors, and model governance. It sets a precedent likely to influence policy and procurement. Practice interview problems based on real data 1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with. [Try 250 free problems](/problems)