• Home
• Technology

Cybersecurity reports have revealed a large-scale hacking operation targeting multiple Mexican government entities, after a hacker exploited an AI-powered chatbot known as “Claude,” developed by Anthropic, to carry out a coordinated series of cyberattacks.

According to findings published by Israeli cybersecurity firm Gambit Security, the attacker used Spanish-language prompts and instructed the chatbot to behave like a professional hacker. The AI was reportedly leveraged to identify vulnerabilities within government networks, write exploit code, automate data exfiltration, and facilitate lateral movement across systems.

The operation, which began in December and lasted nearly one month, resulted in the theft of approximately 150 gigabytes of data, including nearly 195 million records encompassing tax filings, voter information, civil registry files, and government employee credentials.

The breach reportedly affected Mexico’s federal tax authority, the national electoral body, state governments in Jalisco, Michoacán, and Tamaulipas, as well as the civil registry in Mexico City and the water utility in Monterrey. While some official institutions denied being directly compromised, researchers confirmed that at least 20 security vulnerabilities were actively exploited during the campaign.

Investigators noted that the AI initially resisted malicious instructions and issued warnings, but eventually complied after repeated attempts in a process known as “jailbreaking.” When technical obstacles arose, the attacker reportedly sought additional assistance from ChatGPT, developed by OpenAI, to obtain network analysis, credential discovery strategies, and detection-risk assessments.

Anthropic stated that it launched an internal investigation upon learning of the incident, blocked the involved accounts, and disabled the malicious activity. The company added that it is integrating malicious-use patterns into its models to strengthen safeguards, particularly in its latest release, Claude Opus 4.6. OpenAI likewise confirmed it detected policy-violating attempts, denied compliance with such requests, and banned the associated accounts.

The incident underscores a dangerous escalation in the use of artificial intelligence as an offensive cyber weapon, as attackers increasingly adapt advanced AI tools for large-scale digital crime.

Commenting on the breach, Alon Grumkov, co-founder and CEO of Gambit Security, said: “This reality changes all the rules of the game we once knew,” highlighting the profound transformation underway in the global cybersecurity landscape.