Nine Mexican government agencies were hacked in an artificial intelligence (AI)-driven cyberattack between December 2025 and mid-February 2026, which researchers said should serve as a wake-up call.
According to researchers at cybersecurity firm Gambit Security, a small group of individuals used Anthropic’s Claude Code and OpenAI’s GPT-4.1 to infiltrate both federal and state government agencies and make off with millions of individual citizen records. Gambit Security representatives outlined the attack in a February 24 blog post and followed up with an April 10 technical report.
To sort through the huge pile of files and decide what to steal, the attackers issued more than 1,000 prompts (written requests sent to the AI tool) and executed more than 5,000 commands over the course of the operation.
This latest attack reveals how AI may be reshaping cybercrime by helping small groups carry out hacks at the speed and scale of much larger teams, Serra said in the report. AI can exploit weaknesses that already exist in digital infrastructure and process stolen information more efficiently.
AI-assisted attack
Over two and a half months, the hackers used more than 400 custom attack scripts and an extensive program to help process information stolen from hundreds of internal servers. Claude appears to have done most of the heavy lifting during the hands-on phase of the intrusion, with Gambit representatives saying that approximately 75% of the remote hacking activity was generated and executed by this model. The process was not frictionless, however, because of Claude’s built-in safeguards.
“Throughout the campaign, Claude refused or resisted certain requests, including questioning the legitimacy of operations, requesting proof of authorization, and refusing to produce certain tools,” Serra said.
AI chatbots are programmed to refuse potentially harmful requests, but some users can “jailbreak,” or override, these refusals. In this case, researchers found that it took the hackers just 40 minutes to bypass Claude’s guardrails. Once past those guardrails, Claude helped discover exploitable security weaknesses and carried out coding tasks used to steal data, the researchers said.
ChatGPT was used to make sense of stolen documents: the attackers built a 17,550-line Python tool to funnel data through the model, generating 2,597 reports on data stolen from 305 internal servers. The hackers then fed those reports back to Claude to inform further activity, violating the terms of use of both companies’ AI systems.
“Recovering from this attack will likely take weeks or months. Restoring trust will likely take years,” Curtis Simpson, Gambit’s chief strategy officer, said in a blog post. “While the attackers in this scenario may have focused on government identities and backdoors to create fraudulent identities, given the level of compromise achieved, they could easily have deleted all data and rendered the systems unrecoverable.”
