Thought Leadership
According to a report, Anthropic’s AI model Claude Mythos infiltrated systems operated by the NSA during a test, prompting the U.S. government to impose export restrictions.
A report claims that Anthropic’s flagship AI model Claude Mythos successfully infiltrated classified systems operated by the U.S. National Security Agency (NSA) during an authorized red-teaming exercise on June 11, 2026. The incident is now being cited as a key trigger behind sweeping new U.S. government export controls issued the following day.
According to The Economist, the internal security test showed that the model — developed by Anthropic — was able to penetrate multiple sensitive systems within hours. The development is described as a major factor influencing the rapid regulatory response from the U.S. government.
U.S. Senator Mark Warner, Vice Chairman of the Senate Intelligence Committee, said General Joshua Rudd, head of the NSA and U.S. Cyber Command, directly briefed him on the matter. Warner quoted Rudd as stating that the system “broke into nearly all of our classified systems, not in weeks, but in hours.” However, this account has not been independently confirmed by the agencies involved.
Shortly after the incident, the U.S. Department of Commerce introduced a policy that barred all foreign nationals — including non-U.S. employees within Anthropic — from accessing the company’s most advanced models, Fable 5 and Mythos 5. In response, Anthropic suspended access to these systems for all customers globally.
First Direct Export Controls on an AI Software Model
The move marks a regulatory milestone, as it is the first known instance of U.S. export controls being applied directly to a software-based AI model rather than physical infrastructure such as chips or hardware. The sudden restrictions also reportedly caught members of the Five Eyes intelligence alliance off guard. Government agencies, financial institutions, and businesses across Australia, the United Kingdom, Canada, and New Zealand temporarily lost access to the affected Anthropic systems without prior notice.
Anthropic Disputes Government Assessment
Anthropic, the developer of the system, has rejected the government’s assessment of the actual level of risk. According to the company, the incident involved the exploitation of a narrow system vulnerability — commonly referred to as a jailbreak — similar to issues seen in other leading models such as GPT-5.5. Anthropic described the full withdrawal of the software as a disproportionate overreaction.
The behavior in question, the company said, was limited to analyzing a provided codebase and fixing identified errors, rather than carrying out any autonomous or offensive infiltration. Anthropic is currently working to restore access and is developing a joint risk management framework in collaboration with the White House.
(ll)
