Hackers Allegedly Used AI Platforms to Breach Mexican Government

Hackers reportedly used Generative AI tools like ChatGPT and Claude to breach Mexican government systems, highlighting a growing cybersecurity risk for public institutions and critical infrastructure. The incident, affecting tax and electoral data, underscores vulnerabilities in credential management and human oversight while intensifying pressure on authorities to adopt frameworks such as Zero Trust Architecture.

Threat actors allegedly utilized Generative AI models Claude and ChatGPT to identify and exploit security vulnerabilities within the networks of the Mexican government, reports Gambit Security. This intrusion resulted in the exfiltration of 150GB of sensitive data, including 195 million taxpayer records, voting information, and government employee credentials.

“Adversaries of all motivations utilized AI technology throughout 2025 to accelerate and optimize their existing techniques,” says Adam Meyers, Senior Vice President of Counter Adversary, CrowdStrike. “They explored its use in attack types such as social engineering and information operations, proving their growing proficiency with AI tools… In addition to using AI tools, adversaries are targeting the AI systems underpinning the modern enterprise.”

The incident, which allegedly began in December 2025 and was identified by researchers at Gambit Security, reflects a significant shift in the cyber threat landscape where Generative AI acts as a force multiplier for malicious actors. According to a report by Bloomberg, the attacker successfully bypassed the safety guardrails of Anthropic’s Claude chatbot by employing sophisticated prompt engineering.

Bloomberg reports that the hacker utilized a jailbreaking technique, instructing the AI to assume the persona of a security researcher participating in a bug bounty program. Through this manipulation, the actor compelled the model to write computer scripts designed to exploit weaknesses and automate the theft of data. When the actor encountered technical obstacles or required specific network information, they utilized ChatGPT from OpenAI to supplement the operation.

The use of ChatGPT was allegedly instrumental in facilitating lateral movement within the government systems. The chatbot provided the attacker with thousands of detailed reports, which included ready-to-execute plans and specific guidance on which internal targets to compromise next. This capability allowed the human operator to understand which credentials were required for specific systems and to evaluate the probability of detection by existing security protocols.

This event is part of a broader trend observed by the global security community. In previous months, analysts from Amazon Threat Intelligence identified a Russian-speaking threat actor who used multiple commercially available Generative AI services to compromise more than 600 FortiGate network appliances across more than 55 countries. Similarly, Anthropic reported in November 2025 that a Chinese nation-state group utilized its Claude Code developer model to facilitate an espionage campaign. These instances demonstrate that AI systems are now a permanent component of the modern attack surface.

Technical Details and Institutional Vulnerabilities

Gambit Security research indicates that the hacker exploited at least 20 security flaws across various levels of the Mexican government. Affected entities include the federal tax authority, the National Electoral Institute (INE), and state governments in Jalisco, Michoacan, and Tamaulipas. The exfiltrated 150GB of data included:

• Taxpayer Records: Comprehensive data for 195 million individuals and entities.

• Civil Registry Files: Critical identity documentation for citizens.

• Government Credentials: Authorized access keys for public servants.

• Voting Information: Sensitive data related to the national electoral process.

The Ministry of Anticorruption and Good Government has initiated multiple investigation procedures to determine the origin of these breaches. A primary objective of these inquiries is to establish whether the information was obtained through unauthorized external access or via the improper use of credentials by internal personnel.

Data from SILIKN, a cybersecurity corporation, suggests that the human factor remains a critical vulnerability within Mexican institutions. Víctor Ruiz, Founder and CEO, SILIKN, says that insiders, including active employees, former staff with unrevoked credentials, or negligent personnel, account for about 70% of security breaches within government institutions. This internal risk is compounded by the fact that 60% of data violations in Mexico result from human error.

Past incidents reinforce the severity of these organizational deficiencies. In September 2025, a leak affected nearly 20 million pensioners from the Mexican Social Security Institute (IMSS). The agency attributed that event to the misuse of access by an internal actor. 

Furthermore, the national water commission experienced vulnerabilities related to request smuggling attacks in previous years. These historical precedents suggest that technical gaps often align with systemic failures in credential management.

Future Implications and Strategic Recommendations

The professionalization of cybercrime has led to an environment where organized groups offer specialized services to paralyze national infrastructure. Experts project that cyberattacks against federal institutions in the United States and Mexico will increase by 260% during this time compared to previous cycles. Major upcoming events, such as the FIFA World Cup, are expected to serve as catalysts for increased cyber fraud and identity theft.

Juan Carlos Carrillo, CEO, OneSec, says that AI can now simulate voices, faces, and behaviors with high precision. This technology allows malicious actors to execute intrusions in hours that previously required weeks of manual effort. Manuel Moreno, Cybersecurity Advisor, IQSEC, says that criminal groups use AI to evade detection controls, exposing both public and private corporations to operational vulnerabilities.

To mitigate these risks, the Ministry of Anticorruption and Good Government is evaluating technical recommendations to strengthen access controls. A primary focus for 2026 is the adoption of the Zero Trust security model. This framework operates on the principle of continuous verification for every request and entity, which is essential for managing non-human identities and autonomous AI agents.