White House export controls shut Anthropic’s Fable 5 after Amazon flagged Mythos jailbreak

On Friday evening, the U.S. Commerce Department stepped in and used national security export controls to bar Anthropic from distributing Fable 5 and its underlying model, Mythos 5, to foreign nationals. That includes people outside the U.S. as well as non-citizens working inside the country, including employees within Anthropic. The lab said it had “no option but to disable both models for all users.”

The chain of events reportedly started Thursday, when Amazon CEO Andy Jassy alerted senior administration officials after Amazon researchers used a series of prompts to get the Mythos-class model to provide information about cyberattacks that was supposed to be restricted. Politico reported the government asked Amazon for feedback on the new Anthropic model, and an Amazon spokesperson told Fortune that governments often seek counsel on potential security risks, adding, “When they occur, we don’t share the details of these discussions.” From there, the White House and Anthropic went into rapid-fire troubleshooting: Politico reported calls between Anthropic CEO Dario Amodei and senior administration officials, during which Amodei argued the security bypass found by Amazon was narrow rather than a full jailbreak of the model’s safeguards.

One detail that makes this story feel like a reckoning, not a routine fix: Anthropic was reportedly given 90 minutes to pull its newest model, Mythos 5 and Fable 5, and was given no previous communication of a national security threat. Still, the administration moved quickly enough that by Friday, access was already being cut off through export controls. The episode is being framed as unprecedented because it is the first time the U.S. government has used export controls to halt access to a commercial AI model already widely used by the public.

To understand why this became so explosive, you have to look at what “foreign access” means in AI terms. Export controls are not just about where a server sits. They effectively control who can interact with the model, and at what point in time, depending on the categorization of “foreign nationals” under U.S. rules. In this case, the scope was broad enough that Anthropic said it had to disable the models for everyone, not just customers outside the country. So even if the government’s concern was about restricted capability and jailbreak pathways, the practical outcome was an all-users shutdown. That is the kind of second-order operational pain boards hate, because it turns a model release into an on/off switch dictated by Washington.

There is also a dispute over what the White House was specifically worried about. Anthropic, according to a spokesperson cited by Semafor, says the White House did not raise Chinese access to Mythos in conversations with the company and that Anthropic prohibits access to its products from within China. Semafor also reported, citing unnamed sources, that the U.S. government suspected a Chinese-linked group had already used the jailbreak Amazon discovered, though it was unclear how that suspicion was reached or what evidence supported it. Meanwhile, White House AI adviser David Sacks offered his own account: he wrote on X that a highly credible, trusted partner of both Anthropic and the government identified a jailbreak in Fable 5’s guardrails, and that the administration asked Amodei to fix the issue or withdraw the model. Sacks said Amodei refused, and that the administration issued the export control reluctantly.

This is where executives should focus: the move is not being treated as “a security patch request.” An administration official told Axios that the government does not view other models on the market as posing the same national security risk because they do not exceed the capability level Mythos has reached. The implication is simple even if the legal mechanism is complex: if a future model crosses that threshold, it would need to go through the government before release. In other words, the gating function shifts from “ship and see” to “pre-clear the capabilities,” at least for certain classes of frontier systems.

Politically, the fallout is already spilling across borders. The shutdown reignited calls in Europe for “sovereign AI,” the idea that countries should control AI models, computing infrastructure, and data used for critical technology rather than depend on systems another government can restrict or withdraw. Former French prime minister Édouard Philippe said the episode showed AI is now critical infrastructure as essential as electricity or the internet, and that infrastructure controlled by others is infrastructure that others can unplug. In the UK, MP Al Carns described Fable 5’s use by British hospitals, companies, and researchers before the switch-off, and Tom Tugendhat argued sovereignty is now more about “code than cannons,” criticizing an approach that prioritizes safety over building competitive capacity.

Finally, this episode intensifies a broader months-long standoff between Anthropic and the Trump administration. Earlier this year, the administration designated Anthropic a “supply chain risk” for Pentagon contractors after Anthropic declined contract terms allowing its models to be used for “all lawful purposes.” Anthropic cited concerns about autonomous weapons and mass domestic surveillance and is contesting the designation in court. On the policy side, critics like AI policy expert Dean Ball, who briefly served in the Trump administration, questioned whether this amounts to “lawfare” or “extreme national-security hawkery,” adding it was “simply cartoonish.” Ben Murphy warned the directive could discourage transparency with the government and push the “balkanization of technology.” Whether or not those characterizations persuade, the business reality is already visible: the government is willing to use powerful tools, and AI labs are now factoring in access risk at the level of national security law.

For executives across AI, cloud, and critical infrastructure, the lesson is not just that a jailbreak was found. It is that a security concern can rapidly become an export-control event that changes product availability worldwide. That shifts the risk conversation from “model performance and safety” to “capability thresholds, regulatory timing, and geopolitical dependency.” If you are an AI company, a board member, or a customer banking on steady access, this is a wake-up call that national borders can appear inside your user base overnight.