Andy Jassy tipped Scott Bessent, and Howard Lutnick pulled Anthropic’s frontier models in 4 days

Andy Jassy, the CEO of Amazon, didn’t set out to start a regulatory earthquake. But after his team discovered a “jailbreak” in Anthropic’s newly released Fable 5, Jassy raised the issue with U.S. Treasury Secretary Scott Bessent the same day, according to two sources familiar with Amazon. By Friday evening, just four days after Fable 5 launched on June 9, Commerce Secretary Howard Lutnick hit Anthropic with unprecedented export controls, forcing the lab to pull its most powerful models.

Here’s the part that matters for every executive reading this: the trigger was not a confirmed, ongoing cyberattack. It was a vulnerability found during stress-testing by Amazon researchers. Anthropic had repeatedly said its Mythos-class models had superhuman software hacking skills too dangerous to release broadly, and Fable 5 was marketed as a safer version of its Mythos AI model, equipped with robust safeguards against cybersecurity risks. Yet the testing reportedly found a way to bypass those safety rails and access information that could be used in a cyberattack.

Once the vulnerability landed on Bessent’s desk, the week accelerated fast. Bessent, who has been leading the administration’s response to Anthropic’s Mythos model, framed the risk as cyberattacks with potential to harm the global financial system. Jassy’s call with Bessent, according to the sources, also included a wider concern: he stressed he was worried about the cyber capabilities of all “frontier AI models,” including those from other labs. That broader lens is what turns a single-model bug into a policy problem the administration feels it has to manage now.

From there, Lutnick’s export-controls move arrived like a door slamming shut. On Friday after Jassy’s call, the administration contacted Anthropic and Chief Executive Dario Amodei and demanded they either fix the jailbreak or remove the models from the market, according to a source familiar with Anthropic. Fortune reports there was no prior communication suggesting the government viewed the export of Fable as a national security threat, and the warning came with a 90-minute deadline. Then the government moved to ban foreign nationals from using the software, which Anthropic interpreted as an effective ban on the models themselves.

Why? The government uses a “deemed export” standard: distributing an AI model to any foreign national, even if the foreign national is physically located in the U.S., is treated as exporting the model. Anthropic also reportedly had no effective way to verify users’ nationality. In practical terms, that turns “export controls” into a “pull the model” requirement, even if a company wants to comply and even if the vulnerability is narrow. Just after 5 p.m. Eastern Time on Friday, Lutnick’s department issued a directive requiring government approval before Anthropic could make its Fable 5 and Mythos 5 models available to users abroad or any foreign national globally. Lutnick warned non-compliance could lead to criminal and civil penalties, per a directive copy obtained by Bloomberg News. By 10 p.m. that evening, Anthropic took Fable 5 and Mythos 5 offline.

Anthropic’s response was blunt, and it’s worth reading for what it implies about industry precedent. In a blog post after taking the models offline, the company wrote: it disagreed “that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people.” It added that if this standard was applied across the industry, it would “essentially halt all new model deployments for all frontier model providers.” An Anthropic spokesperson said both parties were working quickly to resolve the issue, and the White House did not respond to multiple requests for comment.

The week didn’t stay contained, either. By Sunday, Fortune reports senior Anthropic technical staff had arrived in Washington, D.C. to meet White House officials in person, with venture capitalist David Sacks writing on X that “The Admin values Anthropic’s technical capabilities and feels that this issue, while serious, should be easily resolved,” adding the ball was in Anthropic’s court. By Tuesday, though, Fortune reports the talks had concluded with export controls still in place and next steps unclear, leaving the model future in limbo.

That limbo matters well beyond Anthropic. The model class Anthropic is built on is part of a broader arms race. The source notes Anthropic recently closed a $65 billion funding round at a valuation of $965 billion and has filed paperwork to list its shares on public markets. Meanwhile, rivals including OpenAI, SpaceX, and Google are competing aggressively to dominate the AI business. For boards and investors, export controls are not just a legal footnote. They can become a pacing item for revenue, product timelines, and competitive positioning, especially when the controls arrive quickly and operate through “deemed export” logic.

There is also blowback from cybersecurity experts, including an argument about what licensing can do to the US position. Danny Jenkins, chief executive of ThreatLocker, told Fortune that government licensing of AI models will make US labs less competitive and give geopolitical rivals like China a path to catch up. He also argued that criminals do not care whether something is allowed to be exported. At a demo, Jenkins said he used Anthropic’s Claude model, which he characterized as not as potent as Fable or Mythos, to “completely ransomware a machine.” He added that vulnerabilities will be exposed eventually, whether by a human or an AI model, and that the AI model just does it faster. He suggested government focus should be on hardening security and creating “zero trust” environments, rather than trying to police whether a model exists.

So the real question for executives is not just what happened this week. It is whether the US is signaling a new enforcement posture for frontier AI: one where a reported jailbreak, a fast deadline, and deemed-export rules can lead to a rapid pull of the most powerful capabilities. If you are building frontier models, operating one with national-security exposure, or funding companies in the middle of a listing and scale-up cycle, this is the kind of precedent that can reshape strategy overnight.