Anthropic suspended access to its two most capable artificial intelligence models on Friday to comply with a US government national-security order, disabling the systems for every customer worldwide three days after opening access to one of them.
The company said it received an export-control directive at 5.21pm local time (3.21am IST) barring all foreign nationals — including Anthropic’s own foreign-national staff — from using Fable 5 and Mythos 5, on national-security grounds. Possibly unable to wall off that group cleanly, it withdrew both models from every user. “The net effect of this order is that we must abruptly for all our customers to ensure compliance,” the company said in a statement, adding that its other models were unaffected.
It is, on the available record, the first time a leading AI company has taken a publicly deployed model offline at the instruction of the US government. The closest precedent is the chip war: Washington has used the Entity List and the Foreign Direct Product Rule to cut China off from advanced AI processors and the equipment to make them. But those controls bit on hardware rather than a running consumer service switched off mid-use.
ALSO READ |
The directive came from commerce secretary Howard Lutnick, Axios reported; Commerce officials did not immediately respond to requests for comment, according to news wires AFP and AP. The Wall Street Journal reported that Amazon CEO Andy Jassy — whose company is an investor — was among tech leaders who raised concerns to senior administration officials about security risks in Anthropic’s most advanced AI models.
The shutdown landed first on allies. The European Union, which secured access to Mythos only this month after weeks of negotiation, said the episode reinforced “Europe’s need for technological sovereignty”. “We take note of Anthropic’s statement and are assessing,” said Thomas Regnier, a spokesman for the European Commission, which in June unveiled measures to cut the 27-nation bloc’s reliance on the United States and Asia for critical technologies, AI among them.
Similar concerns are valid for India. The country is the second-largest market for Anthropic’s consumer service after the United States, accounting for 5.8% of global Claude.ai use in November 2025, rising to 6.16% by the company’s March update, according to its Economic Index. The use is narrow and deep: four states — Maharashtra, Tamil Nadu, Karnataka and Delhi — generate more than half the national total, and Indian users turn to Claude for software development more than for almost any other task, mirroring the IT-services industry that anchors the economy.
The letter from the government did not state the concern, the company said, but its understanding was that the government believed it had identified a way to bypass, or “jailbreak”, Fable 5 so that it could assist hacking.
Anthropic ‘disagrees’ with govt order
Fable 5, released on Tuesday, is a restricted version of Mythos 5, a frontier model Anthropic has withheld from the public over its capacity to find software vulnerabilities — the flaws in code that attackers exploit. Mythos 5 has gone only to a handful of selected firms.
ALSO READ |
Anthropic disputed the basis for the order. It said it had examined the jailbreak method in question and did not believe Fable 5 gave hackers any capability unavailable through other public models, and that none of its testers had found a “universal jailbreak” able to defeat its safeguards across the board. “We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people,” it said. Applied across the sector, it argued, the same standard “would essentially halt all new model deployments for all frontier model providers”.
Those characterisations of severity are the company’s own. The government has not made its reasoning public.
But in the days after Fable 5 reached the public, one jailbreak claim circulated widely among security researchers. It came from a pseudonymous figure known as Pliny the Liberator, prominent enough in the field to have been named to TIME’s list of 100 most influential people in AI, who specialises in stripping the safety controls from new models within hours of their release. On June 10, his account declared the model “liberated” and said his collaborators had drawn restricted material from it across several categories of harm, among them cyber, chemical and explosives-related content.
His account of how offers a measure of how far the practice has moved. The methods were layered: disguising forbidden words by substituting lookalike letters from other alphabets so filters fail to register them; spreading a request across a long conversation until the model’s safety checks lose the thread; casting a query as fiction, as academic peer-review or as a document-filing task so the system treats it as legitimate. The approach he rated most effective was to break a dangerous request into harmless-looking fragments, have the model answer each in isolation, and reassemble the pieces afterwards — assisted, he said, by a second model that had itself been compromised. He cited a well-known methamphetamine synthesis route as an example, a pathway documented in open scientific literature for decades.
The suspension is the latest in a sustained run of confrontations between Anthropic and the Trump administration. The company has been at odds with Washington since it declined to let its technology be used in ways it judged unsafe, including for mass surveillance and autonomous weapons; the Pentagon subsequently cut contracts, and the Department of Defense designated Anthropic a supply-chain risk — a label more commonly reserved for foreign adversaries, which obliges defence contractors to certify they will not use the company’s models. That litigation is still ongoing.
Anthropic called the order a likely “misunderstanding” and said it was working to restore access, with fuller technical detail promised within a day.
Whether or not it succeeds, the episode has handed every government that rents its frontier AI rather than building its own a worked example of what that dependence can cost when the supplier’s home capital decides otherwise.
“We see this as an opportunity and a proof point on why India should heavily invest in AI R&D. We cannot rely on foreign model be it close or open source ones… IndiaAI mission’s initiative is in the right direction, we just need to double down, focus and get sovereign models done,” said Abhishek Upperwal, founder of Soket AI.
“These events serve as a powerful catalyst for a much larger geopolitical shift. The fact that access to elite, centralised AI models can be disrupted overnight due to vulnerability findings or sudden regulatory shifts highlights a glaring vulnerability for businesses and nation-states alike.For security, strategic autonomy, and operational continuity, countries and corporations across the world cannot rely solely on third-party, foreign-controlled AI stacks. This friction will inevitably and rapidly accelerate the development of independent, sovereign AI models,” said Ganesh Gopalan, co-founder and CEO, Gnani.ai.
