Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever
Nine Mexican government agencies were hacked in an artificial intelligence (AI)-based cyber campaign between December 2025 and mid-February 2026, which researchers say should “serve as a wake-up call.”
According to researchers at cybersecurity firm Gambit Security, a small group of individuals used AnthropicOpenAI’s Claude Code and GPT-4.1 to breach federal and state government agencies and abscond with millions of citizens’ personal records. Gambit Security representatives described the attack in a blog post On February 24, which they followed with a technical report April 10.
To sort through the huge pile of files and decide what to steal, the attackers used more than 1,000 prompts – written requests sent to AI tools – which led to the execution of more than 5,000 commands during the operation.
This latest attack reveals how AI could reshape cybercrime by helping small groups carry out hacks with the speed and scale of a larger crew, Sela said in the report. AI can both exploit weaknesses already present in the digital framework and process stolen information. with more efficiency.
AI-assisted attack
Over two and a half months, the hackers used more than 400 custom attack scripts, as well as a large program to process stolen information from hundreds of internal servers. Claude appears to have done the heavy lifting during the practical phase of the intrusion, with Gambit representatives claiming that around 75% of the remote hacking activity was generated and executed by the model. However, Claude’s programming didn’t make the process easy.
“Throughout the campaign, Claude refused or resisted certain requests – questioning the legitimacy of operations, asking for proof of authorization, and refusing to generate specific tools,” Sela said.
Although AI chatbots are scheduled To refuse to help with potentially harmful requests, some users were able to “jailbreak” or ignore these refusals. In this hack, researchers found that it only took hackers 40 minutes to jailbreak Claude’s guardrails. Once inside those boundaries, Claude helped find security holes to exploit and code tasks to steal the data, the researchers said.
ChatGPT was used to make sense of the stolen documents, with the attackers creating a 17,550-line Python tool that moved data through it, producing 2,597 reports on the stolen data across 305 internal servers. The hackers then passed these reports to Claude to learn from them, violating both companies’ terms of service for their AI systems.
“Recovering from this attack will take weeks, if not months; restoring trust will likely take years,” said Gambit’s chief strategy officer. Curtis Simpsonsaid in the blog post. “In this scenario, the attackers may have focused on government identities and backdoors to create fraudulent identities, but, given the level of compromise achieved, this could just as easily have resulted in the elimination of all data and rendering the systems unrecoverable.”
