Political risk / Jun 21, 2026 / 7 min
WSJ: Andy Jassy's Jailbreak Triggered the Anthropic Model Shutdown
Wall Street Journal reporting now identifies Amazon CEO Andy Jassy as the source of the jailbreak that forced Anthropic's Fable 5 and Mythos 5 offline — turning the company's largest cloud partner into the trigger for a global export ban.
Amazon invested billions in Anthropic and hosts its models on Bedrock — in return, Anthropic pledged roughly $100 billion in AWS cloud spending. Then CEO Andy Jassy reportedly told Treasury Secretary Scott Bessent that Amazon researchers had jailbroken Fable 5 to extract cyberattack-useful information. Nine days later, the models are still dark for every customer on Earth.
The chain:
- Amazon researchers used a series of prompts to get Fable 5 to surface software vulnerabilities — essentially asking the model to read a codebase and flag flaws.
- Jassy shared those findings with Bessent and other U.S. officials, according to Wall Street Journal reporting cited by The Verge, The Next Web, and GeekWire.
- On June 12 at 5:21 p.m. ET, the Commerce Department issued an export control directive barring any foreign national — inside or outside the U.S. — from accessing Fable 5 and Mythos 5.
- Anthropic could not filter foreign nationals from U.S. users in real time, so it disabled both models for everyone.
What Amazon says: An Amazon spokesperson told reporters it is "not uncommon for governments to seek our counsel on potential security risks" but declined to discuss specifics. AWS confirmed its own cloud platform was affected by the shutdown.
What Anthropic says: The company disputed the government's characterization on June 12. It found the technique identified "a small number of previously known, minor vulnerabilities" and argued the same capability exists in other publicly available models, including OpenAI's GPT-5.5. Anthropic added: "If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers."
What security experts say:
- Katie Moussouris, founder of Luta Security, posted on Bluesky: "I've seen the paper. It's not a jailbreak."
- Andrew Morris, founder of GreyNoise Intelligence, told the Journal the findings showed Fable could surface bugs in at least four software programs but the information was "still a long way from dangerous cybersecurity information."
The ouroboros: Amazon bankrolls Anthropic's infrastructure. Anthropic builds frontier models on AWS. Amazon's CEO flags those models to the Treasury. The government pulls the export lever. AWS customers — including banks and government agencies using Mythos for vulnerability discovery — lose access. The investor becomes the informant.
David Sacks, co-chair of the President's Council of Advisors on Science and Technology, offered a different framing: "a highly credible trusted partner of both Anthropic and the USG came forward with a jailbreak." He said the administration gave Anthropic a binary choice: fix the jailbreak or de-deploy the model. CEO Dario Amodei refused both.
The politics shifted — the models didn't: President Trump told Axios on June 19 he no longer views Anthropic as a national security threat after meeting Amodei at the G7 summit in France. "Well, not now, but a week ago, maybe," Trump said. He called Amodei "nice" and "smart" and said he "responded very responsibly, I thought." Asked about easing restrictions, Trump replied: "I would, but I'm not sure I have to do that."
As of June 21 — day nine — Fable 5 and Mythos 5 remain offline. The Commerce directive has not been withdrawn. European leaders at the same G7 summit cited the blackout as evidence that dependence on U.S. frontier AI is a sovereignty risk.
Why it matters for buyers:
- Procurement risk: Your cloud distributor and your model vendor can be the same company — and that company can trigger federal action against the model you're deploying.
- Precedent risk: Export controls designed for semiconductors are now being applied to commercial AI models over a narrow, disputed jailbreak finding.
- Continuity risk: A foreign-national access ban that Anthropic cannot technically enforce becomes a global shutdown. No enterprise continuity plan accounts for that.
Convina's view: The Amazon-Anthropic episode is not a safety story. It is a power story. When a strategic investor can route a disputed jailbreak through the Treasury Secretary and force a global model recall, every enterprise AI contract needs a new clause: who can kill your models, on what evidence, and with what notice. Washington invented the kill switch last week. This week we learned the button may be in your cloud provider's hand.