AI-Assisted Hackers Blamed for Massive Security Breach

Hackers just showed how much damage a few people with AI tools can do. Cybersecurity firm Gambit Security says a small group used Anthropic's Claude Code and OpenAI's GPT-4.1 to hit nine Mexican government agencies between December 2025 and mid-February 2026, siphoning off data on roughly 195 million identities, plus detailed tax filings, vehicle registrations, civil records, and property information, LiveScience reports. Gambit calls it one of the biggest breaches ever and a "wake-up call" for governments. The hackers targeted Mexico's federal tax authority and the national electoral institute, as well as state governments in Mexico, Jalisco, Michoacán, and Tamaulipas, Bloomberg reports.

The security firm says attackers ran more than 1,000 prompts that generated over 5,000 commands and 400-plus custom scripts. Gambit says Claude handled about three-quarters of the remote hacking activity after its safeguards were bypassed in about 40 minutes. The model at times questioned what it was being asked to do, but once "jailbroken" was used to probe for weaknesses and write code to exploit them, researchers say. ChatGPT helped process the haul via a 17,550-line Python tool that turned stolen files from 305 servers into nearly 2,600 analytic reports—then fed back into Claude to refine the operation.

• "In total, it produced thousands of detailed reports that included ready-to-execute plans, telling the human operator exactly which internal targets to attack next and what credentials to use," said Curtis Simpson, Gambit Security's chief strategy officer.

Gambit produced an initial report on the cyberattack in late February and issued a detailed technical report this month. Anthropic and OpenAI say the accounts used by the hackers have been identified and banned. "The AI-assisted methods documented here represent a significant evolution in offensive capability," Eyal Sela, Gambit's director of threat intelligence, wrote in a blog post. "Organizations that have deferred investment in technical debt, particularly for mission-critical systems, now face a fundamentally different threat environment. AI has collapsed the cost and complexity of reaching those systems. The gap between what attackers can do and what defenders can protect is widening."