AI-Powered Cyberattacks Target Mexican Government, Stealing Massive Sensitive Data
In a startling development, hackers have reportedly leveraged advanced artificial intelligence tools to execute a series of cyberattacks against multiple Mexican government agencies. According to cybersecurity experts, the breaches resulted in the theft of approximately 150GB of highly sensitive information, raising alarms about the evolving role of AI in digital crime.
Details of the AI-Driven Intrusion Campaign
Researchers from the Israeli cybersecurity firm Gambit Security have disclosed that the attacks commenced in December 2025 and persisted for nearly a month. The perpetrators allegedly utilized Anthropic's AI chatbot Claude, interacting with it in Spanish, to identify system vulnerabilities, generate exploit scripts, and automate the extraction of data. When Claude encountered obstacles or required further elaboration, the hacker turned to OpenAI's ChatGPT for supplementary guidance, including tactics for lateral movement across networks and credential identification.
The stolen data encompasses a vast array of critical records, such as information linked to around 195 million taxpayer files, voter databases, government employee credentials, and civil registry documents. The compromised systems included Mexico's federal tax authority, the national electoral institute, and state government networks in Jalisco, Michoacán, and Tamaulipas. Additionally, Mexico City's civil registry and Monterrey's water utility were affected, indicating a broad and coordinated assault.
Bypassing AI Safeguards and Ethical Concerns
During the interactions, Claude initially flagged potential malicious intent when discussions centered on the Mexican government. However, the attacker managed to circumvent these safeguards by falsely claiming the activity was part of a bug bounty program—a legitimate practice where organizations reward ethical hackers for uncovering security flaws. This deception allowed the hacker to proceed with penetration testing requests.
"Specific instructions about deleting logs and hiding history are red flags. In a legitimate bug bounty, you don’t need to hide your actions – in fact, you need to document them for reporting," Claude responded at one point, according to a transcript shared by Gambit. Despite this alert, the attacker later shifted tactics, providing Claude with a detailed operational guide that effectively "jailbroke" the system, enabling the execution of thousands of commands across government networks.
Responses from AI Companies and Mexican Authorities
Anthropic confirmed that it reviewed Gambit's findings, disrupted the malicious activity, and banned the associated accounts. A company representative noted that instances of misuse are incorporated into Claude's training to enhance its protective measures. The newer AI model, Claude Opus 4.6, includes mechanisms specifically designed to prevent such exploitation. Similarly, OpenAI stated that it detected policy violations by the same hacker and declined to comply with the requests, subsequently banning the accounts involved.
On the governmental front, Mexico's federal tax authority asserted that an examination of access logs revealed no evidence of a breach. The national electoral institute reported enhancements to its cybersecurity protocols and no detection of unauthorized access in recent months. The Jalisco state government denied any involvement, claiming only federal networks were impacted. Monterrey Water and Drainage Services also stated that no intrusions or significant vulnerabilities were detected during the latter half of 2025.
Broader Implications for Cybersecurity and AI Ethics
This incident underscores a growing trend where AI tools are increasingly co-opted for cyber operations. As companies like Anthropic and OpenAI advance their AI systems, and cybersecurity firms develop AI-based defenses, attackers are concurrently exploring methods to harness this technology for malicious purposes. In November, Anthropic disclosed it had thwarted what it described as the first AI-orchestrated cyber-espionage campaign, implicating suspected state-linked hackers in attempts to target 30 organizations globally.
The use of AI in digital crime is becoming more prevalent: recent reports from Amazon researchers describe how hackers exploited publicly available AI tools to access over 600 firewall devices across multiple countries. This case serves as a critical reminder of the dual-use nature of artificial intelligence, emphasizing the urgent need for robust safeguards and international cooperation to mitigate risks in an increasingly interconnected digital landscape.