Anthropic disables Claude Fable 5 and Mythos 5 after US government order

A US export order pulled Claude Fable 5 and Mythos 5 in hours. The blast radius landed on builders outside America.

At 5:21pm on a Friday, an email reached Anthropic’s CEO. Inside the hour, the most capable model the company had ever shipped went dark for every customer on the planet. It had been public for three days.

That is the part most of the coverage skipped past. A government did not slap a fine on a product or open an investigation that would crawl through the courts for a year.

It reached into a model that hundreds of millions of people were already using and switched it off, fast, on national security grounds. As far as anyone has been able to find, this has never happened to a publicly deployed frontier model before.

If you build on the Claude API, or you were planning to, the mechanics of how this went down matter more than the politics around it. So let me walk through what happened, why so many of us lost access even though the order named a narrow group, and what you should actually do about it.

What actually happened, in plain terms

Claude Fable 5 and Claude Mythos 5 launched on June 9. Fable 5 was the public one, sold as the first model in a new tier Anthropic calls Mythos-class, a step above its Opus models. Mythos 5 was the restricted sibling, handed only to vetted partners through a program called Project Glasswing.

Three days later, the US Commerce Department sent Anthropic an export control directive. Reporting from Bloomberg and others ties the letter to Commerce Secretary Howard Lutnick, addressed to CEO Dario Amodei. It ordered the company to cut off all access to both models by any foreign national, whether that person sat in California or Karnataka, and it included Anthropic’s own employees who are not US citizens.

Anthropic complied the same evening. By the next morning, both models returned errors for everyone, and the company had published a public statement disagreeing with the order while obeying it. Every other Claude model, including Opus 4.8, stayed online and untouched.

Why everyone lost access, not just foreign nationals

Here is the detail that turns this from an American policy story into a global one. The order targeted foreign nationals. The shutdown hit everyone.

The reason is boring and important. Anthropic cannot reliably sort US citizens from foreign nationals at the moment an API call lands, certainly not for the millions of requests that flow through a frontier model every day.

Faced with an order it had to obey immediately, the company did the only thing that guaranteed compliance. It pulled the models for all users, American or not.

So the practical result inverted the stated intent. A US national security measure, aimed at keeping technology away from non-Americans, produced its sharpest effect on the non-Americans who make up most of the world’s developers. A solo builder in Vadodara, a startup in Berlin, an engineer in Lagos, all lost the same model at the same second, and so did the Americans the order was meant to protect.

The jailbreak at the center of it

The government’s stated worry traces back to a jailbreak. A jailbreak is any trick that gets a model to ignore its own safety rules and produce something it was built to refuse.

According to Anthropic, a different company claimed it had found a way to bypass Mythos, and that claim reached officials who read it as a security risk. The company says it reviewed the demonstration behind the order. In its telling, the technique amounted to asking the model to read a specific codebase and point out software flaws, and what it surfaced were a handful of already known, minor vulnerabilities.

Anthropic’s rebuttal is blunt. It says other public models, naming OpenAI’s GPT-5.5 directly, find the same flaws with no jailbreak required, because spotting routine bugs in code is something defenders do every day. The company argues this was a narrow, non-universal gap, not the kind of broad bypass that would unlock genuinely dangerous capability, and that recalling a model used by hundreds of millions over a finding like this sets a standard that would freeze new releases across the whole industry.

Worth knowing how Fable’s guardrails were built, because it shapes who is right here. Fable 5 runs separate classifier systems that watch for queries touching cybersecurity, biology, chemistry, and bulk capability extraction.

When one trips, the request quietly falls back to Opus 4.8, and Anthropic says that happens in under 5 percent of sessions. The company red-teamed these defenses for thousands of hours before launch alongside the US government itself and the UK’s AI Safety Institute, and says no tester has yet found a universal bypass.

Why this one is different from every takedown before it

Plenty of products get banned. Apps vanish from stores, exports get blocked, companies get fined. What makes this case sit in a different category is the speed and the surface it touched.

This was a live model, already deployed to the public, pulled within hours of a letter, with no court hearing first. It also lands after months of open friction between Anthropic and the administration, including an earlier fight in which the government branded the company a supply chain risk before a judge blocked that move.

The pattern that builders should notice is simple. A frontier model is now a thing a government can switch off in an afternoon, and the people relying on it find out when their code starts returning errors.

The collateral damage was real and immediate. Before the shutdown, early users had run Fable on serious work, including a code migration across a 50 million line Ruby codebase at Stripe.

On the Mythos side, Glasswing partners had been using the technology to harden their own systems, with Mozilla reporting it had closed hundreds of security holes that way. All of that paused overnight.

What it means if you build on someone else’s model

Strip away the headlines and there is a plain lesson for anyone whose product, newsletter, or side business sits on top of an AI API. Your access is a permission, not a possession. It can be revoked by a party that is not you and not even the company you pay.

Most of us already understood that a vendor could deprecate a model or raise a price. This is a new variable. A government you do not answer to, in a country you may not live in, can remove your tooling on a timeline measured in hours, for reasons that have nothing to do with how you use it.

That does not mean abandon frontier models. It means design as if any single model string could disappear tomorrow, because one just did.

Keep your prompts portable across providers. Avoid hard-coding one model name as the only path your app can take. Treat the cutting-edge tier as an accelerator you can swap out, not a foundation you have poured concrete around.

What to do right now

If something you run broke this week, the fix is short. Point your calls at Claude Opus 4.8, which stayed online the entire time and is Anthropic’s own recommended fallback. The API string is claude-opus-4-8.

A reassuring fact sits inside Anthropic’s own numbers. Since Fable routed only about 5 percent of sessions away to Opus anyway, the vast majority of ordinary Fable workloads, the writing, the coding, the analysis, run on Opus 4.8 with little practical loss. The gap shows up mainly at the frontier edges, not in daily work.

For the longer term, build a habit, not a one-time patch. Wrap your model calls so a failure on one string falls through to another automatically, the same way you would handle any service that might go down. The builders who shrugged this week were the ones who had already done that.

Questions people are asking

Is Claude still working? Yes. Only Fable 5 and Mythos 5 were disabled. Opus 4.8, Sonnet, and Haiku stayed fully available across every surface.

Why did I lose access if I am not American? The order barred foreign nationals, and Anthropic could not separate US users from everyone else in real time. To comply, it shut the two models down for all customers.

Will the models come back? Anthropic says it is working to restore access and considers the order a misunderstanding. No firm timeline has been given, and the decision rests with the government, not the company.

Was there a real security breach? No breach of a deployed system has been reported. The trigger was a claimed jailbreak that, by Anthropic’s account, surfaced only minor known vulnerabilities also reachable through other public models.

What should I use instead? Claude Opus 4.8 is the direct replacement for nearly all everyday tasks and was unaffected by the order.