AI vendors are no longer cheap or reliable. Three proofs from this week.
Tokens are getting expensive. A 12-hour Anthropic outage stopped Notion AI. OpenAI admits agents aren't safe for sensitive data even in Lockdown Mode.
Summary
- Token prices are no longer fixed — Uber burned its annual AI budget in 4 months; GitHub Copilot Pro+ users lose 60% of credits in 2 hours
- Single-vendor dependency is a real risk — Notion AI failed for 12 hours during an Anthropic outage
- OpenAI admits — agents aren’t safe from prompt injection — the new “Lockdown” mode simply disables agents to prevent data leaks
Bottom line: AI is exiting the “free experiment” phase and becoming a regular critical vendor — with price volatility, reliability risks, and security requirements that need the same management as any other IT system.
1. Token economics: Uber burned its annual AI budget in 4 months
What changed. Uber introduced a $1,500 monthly cap per engineer on AI coding tools after burning through its entire 2026 AI budget in 4 months (Fortune, Inc). Before the cap, individual engineers were generating bills of $500–$2,000 per month. GitHub Copilot Pro+ subscribers paying $39/month report 60% of their credits gone after just 2 hours of normal use. TechCrunch is calling this trend the “Tokenpocalypse” (TechCrunch).
Why it matters. AI markets have been subsidized by investor money. Now providers are preparing for IPOs and starting to pass real infrastructure costs to customers — through token-based metering instead of flat-rate “usage.” If you handed engineers or marketing teams “unlimited” AI access at a fixed price this year, there’s a high probability your next contract will be 3–10× more expensive, or your credits will burn through fast.
What to do this month.
- Request billing detail from each AI tool for the last 90 days — which user, how many tokens, in EUR
- Introduce monthly spending caps for engineers and content teams (Uber is using $1,500; start at median user spend × 2)
- Negotiate 12-month price locks with vendors — many agree because they want stable revenue during IPO prep
What to expect.
- By end of 2026, most frontier model providers will have moved to usage-based pricing — flat-rate remains only for entry tiers
- Q3 will see first public cases of companies dropping AI tools due to price volatility, not quality issues
- Within 90 days, the market will see active token cost monitoring tools — similar to cloud cost monitoring 5 years ago
2. Notion AI went down 12 hours because Anthropic had “infrastructure issues”
What changed. Notion disabled access to Anthropic’s Claude models on Sunday after users reported elevated failure rates on Opus 4.7 and 4.8 (TechCrunch). The outage lasted approximately 12 hours. Anthropic confirmed “a brief infrastructure issue.” Notion’s head of product Max Schoening downplayed the incident: “This happens. It happens to Notion, GitHub, AWS.” Yet Notion’s status post on X received roughly 1,200 reposts — proof that users are nervous about single-vendor AI dependency.
Why it matters. If your company uses an AI tool powered by a single model provider (Anthropic, OpenAI, Google), your availability risk is that provider’s problems + your tool’s problems. This applies to all your existing AI — Notion AI, Cursor, Copilot, customer service bots. A 12-hour outage during a business day means real lost productivity — the only question is whether you notice.
What to do this month.
- Map which of your tools are AI-powered — and which rely on a single model provider
- Ask each vendor whether they support automatic fallback to another model during outages (multi-provider architecture)
- Add SLA clauses to new contracts: minimum uptime percentage + compensation for outages longer than 4 hours
What to expect.
- Within 30 days: another 1–2 major AI tool outages (Anthropic or OpenAI side) — IPO prep stresses infrastructure
- Q3: major providers will start marketing “multi-model” architecture as a competitive advantage
- Within 6 months: first lawsuits over AI tool outages in commercial deliveries
3. OpenAI released “Lockdown Mode” and admitted — agents aren’t safe for sensitive data
What changed. OpenAI introduced Lockdown Mode for ChatGPT Business accounts — a security mode that disables web browsing, deep research, and agent mode to protect against prompt injection (malicious instructions embedded in source materials) (TechCrunch). OpenAI itself admits honestly: “Even with Lockdown Mode turned on, ChatGPT could still be vulnerable to prompt injections.”
Why it matters. A “security mode” that essentially means “we’re disabling agent features because we can’t make them safe” is a public admission from an industry leader: the tech isn’t ready. If you’re planning to let AI agents touch financial, legal, or customer data, agent use cases (autonomous sending, contract generation, customer data processing) still require human verification at each step — not just “oversight.”
What to do this month.
- Inventory where AI agents already touch sensitive data in your company (customer CRM, finance, HR)
- For each workflow, decide: does AI just produce a draft (human approves), or does it execute autonomously — the latter is currently a high-risk zone
- Check whether your AI vendors offer the equivalent “lockdown” / “data exfiltration protection” mode — and why not, if they don’t
What to expect.
- Q3: major AI providers (Microsoft, Google, Anthropic) will release their own “safe mode” equivalents — all with similar undertones of “agents aren’t ready yet”
- Within 6–9 months: first public case where a company’s AI agent leaks confidential data due to prompt injection
- EU AI Act will require public reporting on AI agent security testing for companies above a certain threshold
Today’s picture
Three events point to one shift — AI is no longer a cheap, reliable experiment. It’s a regular vendor that needs regular management: budget caps, SLA clauses, security tests. Investor subsidies are ending, IPO prep is straining systems, and industry leaders are honestly admitting which features aren’t ready. Business leaders who ran a “just use ChatGPT” strategy in 2025 will need to build real AI vendor management in H2 2026 — the same kind that already exists for cloud providers.
| Event | Consequence for your business |
|---|---|
| Uber $1,500 engineer cap, Copilot 60% credits in 2 hours | You need AI cost monitoring — who, how much, on what |
| Notion AI 12-hour outage (Anthropic side) | You need single-provider risk assessment for AI dependencies |
| OpenAI Lockdown Mode = “agents disabled” | Agent use cases with sensitive data require mandatory human review |
Three questions for the leader:
- What do all your AI tools actually cost today, and how will that change if a vendor moves to token billing?
- Which of your workflows would stop if Anthropic or OpenAI went down for 12 hours?
- Does any AI agent in your company currently touch customer data, finances, or HR information autonomously?