Skip links

Claude Fable 5: What Happened and Is It Available Now?

Illustration of Claude Fable 5 as an active task card, with code, document and workflow tasks running and one step marked complete, following its restoration on 1 July 2026
Fable 5 is running again. Anthropic restored the model worldwide on 1 July 2026, nineteen days after the export-control order switched it off.

Claude Fable 5 is back. The US Commerce Department lifted its export-control order on 30 June 2026, and Anthropic restored the model to users worldwide the following day. Nineteen days after a government directive switched off the most capable AI model the public had ever been able to use, the suspension was over. The story it leaves behind is not.

When we published the first version of this article, both Mythos-class models were dark and nobody would commit to a return date. A fair amount has changed since. A new safety classifier sits in front of the model, the billing arrangements have shifted twice in a week, and the industry now has a draft framework for judging how serious an AI jailbreak actually is. Here is the full account, brought up to date, with the original background kept for anyone arriving fresh.

Timeline of Claude Fable 5 from the April 2026 Mythos Preview through the 9 June launch, the 12 June worldwide suspension, the 30 June lifting of export controls, the 1 July restoration and the 8 July move to usage credits.
Nineteen days from suspension to restoration. The full sequence, from restricted preview to the return of Fable 5 and the switch to usage credits.

Is Claude Fable 5 Available Right Now?

Yes. Fable 5 returned on Wednesday 1 July 2026 for users worldwide on Claude.ai, the Claude Platform, Claude Code and Claude Cowork, per Anthropic’s redeployment announcement. Access came back with no nationality checks, no identity verification and no regional carve-outs. A developer in Manchester has exactly the same access as one in Texas, which is how things stood before 12 June.

The cloud platforms have caught up too. Anthropic’s documentation now lists Fable 5 as generally available on the Claude API, Claude Platform on AWS, Amazon Bedrock, Google Cloud and Microsoft Foundry, and AWS re-enabled it on Bedrock from 1 July. If it has not appeared in your particular region yet, check the model catalogue in your own console rather than assuming.

Mythos 5, the sibling without safeguards, remains restricted. The government approved restoring it to a set of US organisations on 26 June, and Anthropic says it is coordinating to widen access through Project Glasswing. For everyone else, Fable 5 is the model on offer.

Comparison graphic showing Claude Fable 5, Opus 4.8, Sonnet 4.6 and Haiku 4.5 available to everyone, with Claude Mythos 5 restricted to Glasswing partners and approved US organisations.
Everything is back except Mythos 5, which stays behind Anthropic’s vetted-access programme. Fable 5 bills through usage credits from 8 July.

How Did Fable 5 Come Back?

Three things did the work: evidence, engineering and independent verification.

Anthropic spent the second half of June reviewing the original jailbreak report with the government and with Amazon, whose researchers had filed it. Its own testing produced the finding that settled the argument. Weaker models, including Claude Opus 4.8, OpenAI’s GPT-5.5 and Kimi K2.7, could identify the same vulnerabilities described in the report, and every model Anthropic tested could reproduce the exploit demonstration. The flagged technique, in other words, unlocked nothing unique to the Mythos class. It amounted to routine defensive security work that Fable 5’s cautious safeguards happened to block.

Evidence alone would not have ended the standoff. Anthropic also trained a new safety classifier aimed squarely at the reported technique, which it says now blocks it in more than 99% of attempts. Blocked requests are not refused outright. They are rerouted to Opus 4.8, and the user is told. The trade-off is more false positives on routine coding and debugging, a cost Anthropic accepted to get the model released again. Anyone running Fable 5 inside agentic pipelines should log how often the reroute fires, because a silently swapped model can change output quality, style and cost mid-workflow.

The last piece was verification. Researchers from the Commerce Department’s Center for AI Standards and Innovation (CAISI) tested both the original and the new safeguards before the controls came off, and Anthropic says they judged the protections extraordinarily strong. On 30 June, Commerce Secretary Howard Lutnick withdrew the licence requirement for both models, and Anthropic announced the redeployment the same evening.

The resolution came with strings. Anthropic has committed to pre-release government access for future frontier models, rapid information sharing when new jailbreaks surface, a round-the-clock team monitoring jailbreak reports, and a HackerOne bug bounty programme for researchers who find new routes past Fable 5’s guardrails. Frontier model releases in the US now look less like ordinary product launches and more like negotiated deployments, and that is worth remembering whichever provider you use.

What Does Fable 5 Cost Now?

This is where the dates get fiddly, because they moved again this morning. Fable 5 returned to Pro, Max, Team and select Enterprise plans included for up to half of weekly usage limits, by way of apology for the disruption, with the window due to close on 7 July. On 8 July, Anthropic extended included access to 12 July. After that, Fable 5 moves to usage credits rather than standard subscription allowances, though the company frames the change as a capacity measure and says it aims to fold the model back into plans when it can.

API pricing is unchanged at $10 per million input tokens and $50 per million output tokens, roughly double Opus 4.8, with the usual 90% prompt-caching discount on input. The 30-day data retention policy also still applies to both Mythos-class models, with no zero-retention option, so anything you send sits on Anthropic’s servers for a month. If you handle regulated data under UK GDPR, factor that in before routing client work through it.

The practical upshot is that Fable 5 is about to become a premium, metered tool. Reserve it for the jobs that genuinely need the most capable model, and keep Opus 4.8 wired in as the fallback, since it is where the classifier sends flagged requests anyway. For routine work there is now a stronger cheap option too. Claude Sonnet 5, released on 30 June, sits close to Opus 4.8 on agentic tasks at introductory pricing of $2 per million input tokens and $10 per million output until the end of August.

What Was the Suspension About?

A brief recap for anyone who missed the June drama.

Anthropic launched Fable 5 on 9 June 2026 as the first generally available model in its new Mythos-class tier, one rung above Opus. The underlying model had unsettled people since April, when Claude Mythos Preview proved unusually good at finding flaws in software, good enough that Anthropic held it back from the public and shared it only with vetted partners under Project Glasswing. Fable 5 was that capability wrapped in the heaviest safeguards Anthropic had ever shipped, with risky queries routed to Opus 4.8 rather than answered.

Three days after launch, at 5:21pm ET on 12 June, the Commerce Department ordered Anthropic to suspend access for any foreign national anywhere, including the company’s own non-citizen staff. Because a cloud service cannot verify citizenship on every request, Anthropic switched both models off for everyone. According to a source cited by Fortune, it was given 90 minutes to do so.

The trigger was a report from Amazon researchers, who had prompted Fable 5 into identifying software vulnerabilities and, in one case, producing code showing how one could be exploited. Amazon chief executive Andy Jassy reportedly took the finding to Treasury Secretary Scott Bessent and other officials, and the report reached the government rather than Anthropic directly, a detail worth chewing on given Amazon is Anthropic’s largest outside investor. White House AI adviser David Sacks framed the eventual order as reluctant, issued only after Anthropic declined to fix or withdraw the model voluntarily. Anthropic reviewed the demonstration, judged it minor, and complied under protest, arguing that a standard this strict would halt new model releases across the industry.

None of it happened in a vacuum. Months earlier the Pentagon had tagged Anthropic a supply-chain risk over its refusal to sign open-ended use terms, a label the company is fighting in court. Whether that friction coloured the shutdown is still argued about. Sacks insists there is no link.

Was the Government Right to Pull It?

The resolution has sharpened the answer without settling it.

Anthropic’s cross-model testing, now published and reviewed, showed the reported technique gave attackers nothing that freely available models could not already provide. On that evidence, the critics who signed the June open letter to Lutnick, among them Luta Security’s Katie Moussouris, look vindicated: the order removed the strongest model from defenders without removing a real danger. A 90-minute deadline to pull a model used by millions also looks disproportionate next to the finding that prompted it.

The counterargument has strengthened too, though. The process produced independent government validation of frontier-model safeguards, a precedent for third-party review before redeployment, and a set of ongoing security commitments that did not exist on 11 June. A forced negotiation delivered outcomes that voluntary engagement had not. Both things can be true: the specific trigger looks thin, and the machinery it produced looks useful.

One prediction aged well. In June we noted that traders on Kalshi put better-than-even odds on access returning before July. The controls lifted on 30 June and access followed on 1 July. Crowd sentiment beat most of the commentary.

One correction from us as well. The original version of this article read Anthropic’s privacy policy change, effective 8 July, as a likely route to restoring Fable 5 for identity-verified US citizens only, leaving businesses in Manchester or Madrid locked out. Events took a different path. Access came back for everyone, with no identity checks at all. The policy change stands, but it was not the mechanism.

What Is the Cyber Jailbreak Severity Framework?

The most consequential thing to come out of the episode may be a scoring system.

On 2 July, Anthropic published detail on Fable 5’s cybersecurity safeguards alongside a draft framework for grading jailbreak severity, developed with Amazon, Microsoft, Google and other Glasswing partners. It scores a jailbreak on four measures: how much capability it hands an attacker beyond existing tools, how broad that gain is, how easy it is to weaponise, and how discoverable the technique is. The combined score maps to severity bands running up to CJS-4, the critical tier reserved for jailbreaks being actively used against infrastructure.

The logic matters more than the labels. Under the framework, a technique only counts as severe if it goes meaningfully beyond what is already publicly available. Judged that way, the finding that shut Fable 5 down for nineteen days would have scored near the bottom of the scale. Much of June’s argument was two sides using different yardsticks for the same finding, and a shared one might have shortened the whole affair, or prevented it. If the framework is adopted across the industry, the next jailbreak report gets triaged rather than treated as a five-alarm fire.

What This Means for Marketing Managers

The capability story we described in June is no longer hypothetical. Fable 5 is back, and the delegation pitch can now be tested: whole deliverables such as the quarterly content audit, the multi-document competitor analysis, or the performance report assembled from CSV exports and stakeholder notes, handed over and reviewed rather than drafted line by line. The metered pricing forces discipline, which is no bad thing. Use the expensive model for work that needs sustained autonomy, and a cheaper one for everything else.

The AI search point stands unchanged. Answer engines keep getting better at reading, comparing and synthesising sources, and content built for extraction, with clear structure, direct answers and verifiable claims, keeps winning citations. This article’s own update history is a small example: pages that correct themselves visibly and date their claims tend to be trusted by both readers and machines.

What This Means for Small Business Owners

Our June advice holds, with one adjustment. You still do not need to chase the frontier, and the credits pricing makes the frontier easier to resist. But the restoration removes the excuse to ignore the direction of travel. AI that completes substantial work under light supervision is available again, to everyone, at a price, and the newly released Sonnet 5 puts a decent slice of that capability within an ordinary budget.

The preparation is the same either way: documented processes, structured website content, clean data, clear briefs. An autonomous model is only as useful as the context you can hand it, and getting that in order pays off whichever model you end up using.

The Bigger Lesson Still Stands: Dependence

Access came back. The precedent did not go away.

A government switched off a commercial AI model used by millions of people, kept it off for nineteen days, and switched it back on subject to conditions. The next time it happens, to any provider, the playbook now exists. The Labour MP Al Carns pointed out during the outage that British researchers, companies and hospitals had been using Fable 5 right up to the moment it vanished, and across Europe the episode revived the argument for sovereign AI. France’s former prime minister Édouard Philippe put the operational point plainly: depend on others for your technology and you can be unplugged overnight.

The sensible response remains diversification rather than alarm. More than one model provider. A fallback wired in for anything business-critical. A clear view of which tasks you would struggle to complete if a given tool vanished on a Friday night. Anyone who built that fallback during the June outage should keep it, not dismantle it. Even Anthropic’s own fix makes the case: when Fable 5’s new classifier blocks a request, the system falls back to Opus 4.8 automatically. Redundancy is now built into the product. Build it into your operation too.

Frequently Asked Questions

Can I Use Claude Fable 5 Right Now?

Yes. Access was restored worldwide on 1 July 2026 with no identity or nationality checks. As of 8 July it is generally available on Claude.ai, the Claude Platform, Claude Code, Claude Cowork, Amazon Bedrock, Google Cloud and Microsoft Foundry.

How Long Is Fable 5 Included in Paid Plans?

Until 12 July 2026, after Anthropic extended the original 7 July cutoff. On Pro, Max, Team and select Enterprise plans it counts for up to half of weekly usage limits until then, after which it moves to usage credits. Anthropic describes the credits move as a temporary capacity measure.

What Fixed the Jailbreak That Caused the Suspension?

Anthropic trained a new safety classifier that blocks the reported technique in over 99% of attempts and reroutes flagged requests to Claude Opus 4.8, notifying the user. Researchers from the Commerce Department's Center for AI Standards and Innovation tested the safeguards before the export controls were lifted on 30 June.

Is Claude Mythos 5 Available?

Not generally. Access was restored to a set of approved US organisations after government sign-off on 26 June, and Anthropic is working to widen access through its Project Glasswing programme. Everyone else uses Fable 5, which shares the same underlying model with safeguards applied.

Does the 30-Day Data Retention Policy Still Apply?

Yes. Both Mythos-class models carry mandatory 30-day retention with no zero-retention option, even for customers with prior zero-retention agreements. Check this against your obligations under UK GDPR before sending regulated data.

Could Fable 5 Be Pulled Again?

It is possible, and the June episode proves the mechanism exists. The new safeguards, the government commitments and the draft jailbreak severity framework make another blanket shutdown less likely, but the only real protection for your business is a working fallback to a second model.

The Bottom Line

Claude Fable 5 went from launch to government suspension in three days, and from suspension to restoration in nineteen. It returned with a new classifier in front of it, a validation stamp from the US government, a bug bounty behind it, and a metered price waiting once the included window closes on 12 July. The published evidence now supports what Anthropic argued in June: the finding that triggered the shutdown gave attackers nothing they could not get elsewhere. The episode still set the precedent, and the precedent is the part that matters.

For businesses, the lesson survives the happy ending. Every AI tool folded into your operation carries a risk you have no hand in, and the fix is the same as it was three weeks ago: a second option, tested and ready. Capability and availability are now two separate things to check, and June proved they can diverge without warning.

If you want help understanding how your content performs in AI answer engines, or how to reduce single-vendor risk in your marketing operation, get in touch with AIWIZ. It is what we do.

Explore
Drag