The Fix Was In
One jailbreak resulted in Anthropic disabling Mythos and Fable. A worse one left OpenAI's GPT5.5 untouched.
On Friday, Anthropic disabled its two most capable AI models for every customer on the planet. Not because it was ordered to, but because the US government restricted foreign national access and Anthropic had no way to enforce that selectively.
The letter that triggered that decision arrived at 5:21pm Eastern, addressed to CEO Dario Amodei from Commerce Secretary Howard Lutnick. [1]
It placed Fable 5 and Mythos 5 - Anthropic’s two most capable AI models, launched only three days earlier - under export controls. Any access by a foreign national, anywhere in the world, including foreign-national Anthropic employees sitting at desks in San Francisco, now required a government licence. [2]
Anthropic could not identify and block foreign nationals across a shared commercial platform in real time, so it made a choice: disable both models for every customer on the planet, or risk non-compliance. Within hours, the models were no longer accessible. [3]
The reason given, per Anthropic’s public statement: the government believed a method of bypassing Fable 5’s safety guardrails - a “jailbreak” - had been discovered. [2]
Who actually lost access
The people cut off by this directive are not theoretical threat actors. They are the security researchers who use AI to find software vulnerabilities before attackers do - the people the directive is ostensibly designed to protect against. They are medical researchers using Mythos-class models to accelerate drug design. They are the engineers at companies like Mozilla, which had already used Anthropic’s predecessor model, Mythos Preview, to find and fix 271 vulnerabilities in Firefox - ten times more than they found using an earlier Claude model. [4]
They are also, under the terms of the export directive, Anthropic’s own foreign-national employees. The people who helped build the models are now barred from accessing them. [2]
This is not a precision instrument. The directive does not draw a line at state actors, or adversary nations, or organisations on a watchlist. It draws a line at nationality. An Australian cybersecurity professional, a Canadian biomedical researcher, a German software engineer - all cut off by the same instrument, regardless of the work they are doing or who they work for. [5]
Anthropic put the consequence plainly: if the standard applied here were applied consistently across the AI industry, it would effectively halt all new model deployments for all frontier model providers. [2]
What the government actually cited
According to Anthropic’s public statement, the government provided, to date, only verbal evidence of a potential narrow, non-universal jailbreak. The technique described amounts to asking the model to read a specific codebase and fix software flaws. [2]
Anthropic reviewed the report it believes formed the basis of the directive and found the capability it demonstrated was “widely available from other models (including OpenAI’s GPT-5.5), and is used every day by the defenders who keep systems safe.” [2]
OpenAI’s GPT-5.5 is the direct commercial competitor to Fable 5 in the frontier AI market. Its cybersecurity capabilities are assessed in OpenAI’s own published system card and in an independent evaluation by the UK’s AI Security Institute (UK AISI) - a government body whose findings are incorporated into the official documentation of the models it evaluates. [6]
The UK AISI published its evaluation of GPT-5.5 on 30 April 2026 - over six weeks before the Anthropic directive. Its finding on jailbreaks:
“We identified a universal jailbreak that elicited violative content across all malicious cyber queries OpenAI provided, including in multi-turn agentic settings. This attack took six hours of expert red-teaming to develop.” [7]
That distinction matters. A universal jailbreak broadly bypasses a model’s safeguards across a wide range of harmful queries. Anthropic’s own launch documentation defines the difference explicitly: a universal jailbreak is categorically more serious than a narrow, non-universal one, which works only in limited contexts and requires additional effort to adapt to each new situation. [8]
The government’s stated basis for the Anthropic directive was a narrow, non-universal jailbreak.
A government evaluator had already documented a universal jailbreak on GPT-5.5 over six weeks earlier - but GPT-5.5 is not under an export control directive, and OpenAI has not disabled it for any customers. [9]
How this was done
The instrument used against Anthropic is the Export Administration Regulations (EAR), administered by the Commerce Department’s Bureau of Industry and Security (BIS). These are the same regulations used to control advanced semiconductors, military hardware, and dual-use equipment - the architecture built to govern physical weapons and strategic technology. [5]
Commerce Secretary Lutnick’s letter to Amodei mandated that any export, re-export, or domestic transfer of Fable 5 and Mythos 5 to non-US persons required prior government authorisation. Note what that means in practice: not export to a foreign country, but any interaction with a foreign national anywhere - including in an American office, on an American server, by an American company. [1, 5]
NBC News noted the significance of the mechanism: this is the first time a leading AI company has had a publicly deployed model taken offline due to federal government intervention. [10]
And the mechanism itself carries no requirement to demonstrate harm. There is no evidentiary bar. No breach needs to have occurred, no attack needs to have been enabled, no damage needs to have been caused. All that is required is a government determination that a national security concern exists. The letter to Amodei did not specify what that concern was. [2]
Why Anthropic complied
Non-compliance with a BIS export control directive carries civil penalties of up to $374,474 per violation, or twice the value of the transaction - whichever is greater - with the figure adjusted annually for inflation and escalating penalties for repeated violations. For a company of Anthropic’s scale, with models processing millions of transactions daily, the financial exposure from non-compliance would be catastrophic. [11]
So Anthropic complied. It did not agree. Its public statement says explicitly: “We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people.” It called the action a “misunderstanding” and said it was working to restore access. [2]
The company has been direct about what the legal reality is: BIS directives are binding, there is no appeal mechanism that operates faster than the directive, and a US company that ignores one does not get to keep operating normally while the dispute is resolved. [12]
What Anthropic can do - and has done - is say on the public record that the standard applied here, if applied consistently across the industry, would functionally end frontier AI deployment. That statement is on the record. No equivalent action against any other company has followed from it. [2]
The comparison that closes the door
The UK AISI is not a peripheral body. It is a government evaluator whose published findings are incorporated into the official system cards of the models it assesses. OpenAI’s own GPT-5.5 system card, published 23 April 2026, references the AISI evaluation directly. The AISI’s finding of a universal jailbreak on GPT-5.5 is not an independent claim floating somewhere on the internet - it is a finding that appears in OpenAI’s primary public documentation. [6, 7]
The same Commerce Department that issued the directive against Anthropic had access to that documentation. The AISI finding was over six weeks old when Lutnick’s letter reached Amodei. There is no reasonable version of events in which the department was unaware of it.
The capability that triggered the Anthropic directive - reading a codebase and fixing bugs - is the same kind of task the AISI found GPT-5.5 capable of completing via a confirmed universal jailbreak. On the AISI’s advanced cyber task suite, GPT-5.5 achieved a 71.4% expert-level pass rate. Anthropic’s Mythos Preview was the first model to complete the AISI’s full corporate network attack simulation end-to-end; GPT-5.5 was the second. Their capabilities, as assessed by the same government evaluator using the same benchmarks, are comparable. [7]
One company chose to disable its models globally rather than risk non-compliance three days after launch.
The other did not.
The history they didn’t mention
In February 2026, the Trump administration ordered all federal agencies to immediately cease using Anthropic’s technology. The dispute was over guardrails: Anthropic refused to allow its models to be used for mass domestic surveillance or fully autonomous lethal weapons.
The Pentagon wanted unrestricted access. Anthropic said no.
In response, the Pentagon designated Anthropic a supply chain risk - a classification ordinarily reserved for companies linked to foreign adversaries. Anthropic filed suit, and a federal judge later found the government had likely acted in retaliation for speech protected by the First Amendment. [13]
That context sits behind everything that followed.
Axios reported on 12 June 2026 that before the export control letter was sent, the Trump administration had tried to convince Anthropic to delay releasing Fable 5 and Mythos 5. Anthropic did not comply. An administration official told Axios the export control letter followed directly from that failure. One source documents this. [1]
Anthropic refused to remove safety guardrails on lethal weapons and surveillance. The government retaliated by cutting its contracts and designating it a national security risk. A court found that retaliation was likely illegal. Anthropic then launched its most capable models. The government tried to stop the launch. When that failed, it restricted foreign national access via export controls - and Anthropic, unable to enforce that selectively, pulled the models for everyone within days of going live.
The government’s stated justification for the June directive is a narrow jailbreak on a model that had been publicly available for three days.
The UK government’s own evaluator had documented a confirmed universal jailbreak on OpenAI’s GPT-5.5 model over six weeks earlier. That model still remains available globally.
The same government that found Anthropic’s safety guardrails unacceptable in February found Anthropic’s safety guardrails insufficient in June.
Your Turn
The documented record raises a question that does not have an obvious answer.
If you have evidence that GPT-5.5 has been subjected to equivalent action, or that the jailbreak cited against Anthropic is materially more serious than the one documented by the UK AISI against OpenAI, bring it forward.
If you think the export control regime is being applied consistently and there is a public record that shows it, point to it. The evidence trail runs both ways.
Comments are open. Disagreement is welcome. Bring your sources.
Sources
Axios, “Scoop: Trump admin blocks foreign access to Anthropic’s most powerful AI,” 12 June 2026. https://www.axios.com/2026/06/12/anthropic-trump-mythos-fable-national-security. Note: the prior attempt to delay the Fable 5 and Mythos 5 launch is reported via an unnamed administration official in this piece; one source documents this claim.
Anthropic, “Statement on the US government directive to suspend access to Fable 5 and Mythos 5,” 12 June 2026. https://www.anthropic.com/news/fable-mythos-access
StartupHub.ai, “Anthropic Disables Fable 5 and Mythos 5 After US Export Control Order,” 12 June 2026. https://www.startuphub.ai/ai-news/technology/2026/anthropic-disables-fable-5-and-mythos-5-after-us-export-control-order
Anthropic, “Project Glasswing: An initial update,” 22 May 2026. https://www.anthropic.com/research/glasswing-initial-update; TechTimes, “Anthropic Claude Mythos Has Helped Mozilla Find 271 Vulnerabilities on Firefox 150,” 21 April 2026. https://www.techtimes.com/articles/316046/20260421/anthropic-claude-mythos-has-helped-mozilla-find-271-vulnerabilities-firefox-150.htm
Crypto Briefing, “Anthropic cuts global access to Mythos models after US export controls,” 12 June 2026. https://cryptobriefing.com/anthropic-mythos-models-us-export-controls/
OpenAI, GPT-5.5 System Card, published 23 April 2026. https://deploymentsafety.openai.com/gpt-5-5
UK AI Security Institute, “Our evaluation of OpenAI’s GPT-5.5 cyber capabilities,” 30 April 2026. https://www.aisi.gov.uk/blog/our-evaluation-of-openais-gpt-5-5-cyber-capabilities
Anthropic, “Claude Fable 5 and Claude Mythos 5,” 9 June 2026 (footnote 4). https://www.anthropic.com/news/claude-fable-5-mythos-5
No equivalent Commerce Department export control directive against OpenAI’s GPT-5.5 has been publicly reported as at 13 June 2026. No suspension of GPT-5.5 has been announced.
NBC News, “Anthropic suspends new AI models after government directive,” 12 June 2026. https://www.nbcnews.com/tech/tech-news/anthropic-suspends-new-ai-models-fable-mythos-government-directive-rcna349901
Bureau of Industry and Security (BIS), Export Administration Regulations. Civil penalties under the EAR can reach the greater of USD $374,474 per violation or twice the value of the transaction, whichever is greater. This figure is adjusted annually for inflation; the current amount is effective as of 15 January 2025. Source: https://www.bis.gov/enforcement/penalties
Digg summary of Anthropic statement and reporting, 12 June 2026. https://digg.com/tech/m15pgs7o
House Science Committee, Ranking Member Lofgren press release, “Ranking Member Lofgren Appalled by Trump Administration’s Attacks on Anthropic,” 27 February 2026. https://democrats-science.house.gov/news/press-releases/ranking-member-lofgren-appalled-by-trump-administrations-attacks-on-anthropic; TechPolicy.Press, “A Timeline of the Anthropic-Pentagon Dispute.” https://www.techpolicy.press/a-timeline-of-the-anthropic-pentagon-dispute/; Courthouse News Service, “DC Circuit slams Pentagon blacklisting of Anthropic as overreach.” https://www.courthousenews.com/dc-circuit-slams-pentagon-blacklisting-of-anthropic-as-overreach/