Our Chief Executive and Founder, Lisa Ventura MBE FCIIS, logged on this morning as usual. Within minutes it became clear that something was different. Claude Fable 5, one of the frontier AI models that was launched just a couple of days or so ago, was unavailable. Not a slow connection or a passing glitch but switched off entirely.
For an organisation built around the meeting point of artificial intelligence and cyber security, a moment like this is worth pausing over. So here is what happened, why it happened and where the AICSA stands.
What Has Actually Happened
On 12 June 2026, Anthropic published a public statement confirming that the United States government had issued an export control directive, citing national security authorities. The directive suspends all access to two of its models, Fable 5 and Mythos 5, by any foreign national, whether based inside or outside the United States. That restriction extends even to Anthropic’s own employees who are foreign nationals.
Because the company cannot reliably separate one group of users from another at short notice, the practical effect is that both models have been disabled for everyone. Anthropic has confirmed that access to its other models is not affected.
Why the Models Were Suspended
According to Anthropic, the government’s stated concern relates to a method of bypassing, sometimes called jailbreaking, the safeguards built into Fable 5. The company says it reviewed a demonstration of the technique and found that it surfaced a small number of previously known and relatively minor vulnerabilities. Anthropic also states that other publicly available models can identify the same issues without any bypass at all, and points to comparable capability in competing systems such as OpenAI’s GPT-5.5.
In its statement, Anthropic sets out the safeguards it built into Fable, including thousands of hours of red teaming alongside the US government, the UK AI Safety Institute and several independent organisations, a defence in depth approach, and a 30-day data retention policy intended to help detect and shut down misuse. The company says it is complying with the legal directive while disagreeing with the decision, arguing that a narrow and unproven jailbreak should not be grounds for recalling a model already used by hundreds of millions of people.
The AICSA Response
This is the first time many of us have watched a frontier model removed from public use by government order, and it raises questions that sit squarely within our remit.
We recognise that governments have a legitimate role in addressing genuine national security risk. The AICSA has consistently argued that there are circumstances in which an unsafe deployment should be paused or blocked. The question is not whether that power should exist, but how it is used.
A decision of this scale needs to rest on a process that is transparent, evidence led and proportionate. From the information made public so far, it is difficult to see how disabling a widely used commercial model meets that test. The vulnerabilities described appear minor and already understood, and similar capability is reportedly available elsewhere. If a narrow finding of this kind becomes sufficient grounds for an emergency shutdown, the same logic could be applied to almost any model on the market, which would create real uncertainty for the organisations that have come to depend on these tools.
For the wider AI and cyber security community, the practical lesson is one we return to often. Resilience matters. Building a single point of dependency on any one model, vendor or platform leaves organisations exposed to disruptions that have nothing to do with the technology itself. Contingency planning, clear fallback options and a sober understanding of supply chain risk belong in every AI adoption conversation, not in the appendix.
There is also a wider policy point here. The way governments and frontier AI developers handle moments like this will shape the trust that underpins the whole sector. Decisions made quickly and without clear evidence risk eroding that trust, for industry and for the public. Getting the balance right between security and openness is precisely the kind of challenge the AICSA exists to help navigate.
Anthropic has indicated it will share further detail in the coming days. The AICSA will follow the situation closely and engage with policymakers and partners as the picture develops. We will keep our community informed.
If you would like to discuss what this means for your own organisation, or you want to be part of the conversation as it unfolds, we would be glad to hear from you at hello@cyberkindness.org.uk.
