Hackers attack Mexico government using cloud AI, steal 150GB of data
A hacker reportedly used an AI chatbot to break into Mexican government systems, raising new concerns over how advanced AI tools could be misused to carry out large-scale cyberattacks.
A serious cybersecurity incident involving AI has put Mexico’s government networks in the spotlight, as hackers reportedly used AI chatbots to carry out massive data theft. According to a Bloomberg investigation, the attacker relied on Anthropic’s cloud AI to break into official systems and stole about 150GB of sensitive data, which reportedly included taxpayer details, internal documents and employee login information.
❮❯
Hackers attack Mexico government using cloud AI, steal 150GB of data: What really happened?
The breach began quietly in December and continued for several weeks before being discovered. Gambit Security, a cybersecurity firm that tracked the activity, said the hacker relied heavily on AI to do the heavy lifting. Instead of manually probing systems, the attacker used the cloud to identify weak points in government networks, prepare attack scripts, and even streamline the process of extracting data.
What worried researchers most was how the chatbot was pushed beyond its safety limits. Claude initially refused to help with operations that were clearly illegal. However, through repeated and carefully worded prompts, it appears the hacker has bypassed those restrictions, effectively forcing the AI to assist in planning and executing the attack.
“In total, it generated thousands of detailed reports that contained plans ready for execution, telling the human operator which internal target to attack next and which credentials to use,” said Curtis Simpson, chief strategy officer at Gambit Security.
Anthropic has confirmed that it has looked into the incident. The company said it has ceased activity and banned all accounts linked to the abuse. It also revealed that its latest AI model, Cloud Opus 4.6, includes stronger security measures aimed at preventing such abuses.
The investigators say the cloud was not the only AI tool. The hacker also reportedly used ChatGPT, developed by OpenAI, to gather additional technical knowledge. This included understanding how to navigate complex computer networks, figuring out access requirements, and learning ways to stay under the radar. OpenAI said it had detected attempts to break its rules and its systems had blocked such requests.
The person behind the attack has not been identified, and no group has officially claimed responsibility. Although there has been no confirmation, Gambit Security has suggested that the operation may be linked to a foreign state actor. The motive is also unclear, raising concerns about how the stolen data may ultimately be used.
Official responses from Mexico have been limited. The country’s national digital agency did not directly address the breach, but reiterated that cybersecurity is a key focus area. The state government of Jalisco has denied that its systems were compromised, saying the incident affected only the federal network. Mexico’s National Electoral Institute also said it had not seen any unauthorized access or breaches in recent months.
At the same time, Gambit Security said its research had uncovered at least 20 major security flaws in government systems, suggesting the full picture may be more complex than publicly acknowledged.
The episode adds to growing concerns about misuse of advanced AI tools. The cloud has previously been linked to other hacking campaigns, including attempts to infiltrate several international targets last year.
