
Nine Mexican government agencies were hacked in an artificial intelligence (AI)-driven cyber campaign between December 2025 and mid-February 2026 in what researchers have said should “serve as a wake-up call.”
According to researchers at cybersecurity firm Gambit Safety, a small group of people used Anthropic’s Claude Code and OpenAI’s GPT-4.1 to breach both federal and state government agencies and abscond with tens of millions of private citizen records. Gambit Safety representatives outlined the attack in a blog post Feb. 24, which they followed up with a technical report April 10.
To sort through the large pile of data and decide what to steal, the attackers used more than 1,000 prompts (written requests sent to the AI tools), which led to more than 5,000 commands executed during the operation.
This latest attack shows how AI may be reshaping cybercrime by helping small groups carry out hacks with the speed and scale of a larger team, Sela said in the report. AI can both exploit weaknesses already in the digital framework and process the stolen information with more efficiency.
AI-assisted attack
Over two and a half months, the hackers used more than 400 custom attack scripts, as well as a large program that helped process information stolen from hundreds of internal servers. Claude appears to have done most of the heavy lifting during the hands-on phase of the intrusion, with Gambit representatives saying that about 75% of the remote hack activity was generated and executed by the model. However, Claude’s programming did not make the process easy.
“Throughout the campaign, Claude refused or resisted certain requests — questioning the legitimacy of operations, requesting authorization proof, and declining to generate specific tools,” Sela said.
Although AI chatbots are programmed to refuse to help with potentially harmful requests, some users have been able to “jailbreak,” or override, these refusals. In this hack, the researchers found that it took the hackers only 40 minutes to jailbreak Claude’s guardrails. Once inside these limits, Claude helped find security weaknesses to exploit and helped with coding tasks to steal the data, the researchers said.
ChatGPT was used to help make sense of the stolen documents, with the attackers building a 17,550-line Python tool that moved data through it, producing 2,597 reports of the data stolen from 305 internal servers. The hackers then fed these reports back to Claude to learn from, violating both companies’ terms of use for their AI systems.
“Recovering from this attack will take weeks to months; rebuilding trust will likely take years,” Gambit’s chief strategy officer, Curtis Simpson, said in the blog post. “The attackers in this scenario may have been focused on government identities and backdoors to create fraudulent identities but, considering the level of compromise achieved, this could have just as easily resulted in all data being eradicated and the systems being rendered unrecoverable.”

