Mexico Probes Public Data Leaks as Insider Cyber Risks Grow

The Ministry of Anticorruption and Good Government began multiple investigation procedures following the identification of alleged breaches in personal databases belonging to various public institutions, including potential external hacking and internal data leaks. This scenario reflects a priority for public agencies in 2026: addressing the growing number of cyberattacks against public databases.

The scale of this vulnerability reflects a broader trend where internal management remains the primary risk factor. "The most concerning threat does not come from external hackers, but from insiders: active employees, former staff with unrevoked credentials, or negligent personnel," says Víctor Ruiz, Founder and CEO, SILIKN. Research by SILIKN indicates that insiders account for approximately 70% of security breaches, data leaks, and cyberattacks within government institutions.

The announcement, made by the Ministry of Anticorruption and Good Government on Dec. 31, comes as the country experiences a significant rise in digital threats. Cyberattacks against federal institutions in the United States and Mexico were projected to increase by 260% in 2025 compared with previous years. This escalation stems from the professionalization of cybercrime, where organized groups offer specialized services to paralyze national infrastructure.

Data from the cybersecurity corporation SILIKN indicates that 80.7% of Mexican government organizations suffered at least one compromise in the previous year. These incidents are often linked to human factors. Globally, 68% of breaches involve human elements, while in Mexico, 60% of data violations result from human error and 22% involve internal employees directly.

Past incidents reinforce the criticality of these vulnerabilities. For example, a data leak affecting almost 20 million pensioners from the Mexican Social Security Institute (IMSS) occurred in September 2025. At the time, the agency attributed the event to the misuse of access by an insider. Similarly, the National Water Commission (CONAGUA) experienced vulnerabilities related to request smuggling attacks. Such events underscore that technical gaps often align with organizational deficiencies.

AI Integration and Future Security Directives

The Ministry of Anticorruption and Good Government is now analyzing the alleged filtration of information from 20 public institutions, aiming to determine whether it was obtained through unauthorized access in the deep web or via the improper use of credentials. The ministry has mandated that involved institutions cooperate with the inquiry and file necessary criminal complaints with the Attorney General of the Republic.

The Role of AI and Emerging Threats

Technological shifts are accelerating the pace of these attacks. Juan Carlos Carrillo, CEO, OneSec, says that AI can simulate voices, faces, and behaviors with precision. This technology allows malicious actors to execute intrusions in hours that previously required weeks. Furthermore, the integration of traditional criminal groups into the digital sphere has diversified risks. These groups use significant economic resources to acquire tools and contract specialists to compromise government systems.

For 2026, experts predict that major events such as the FIFA World Cup will serve as catalysts for cyber fraud. Sectors including tourism, transportation, and logistics will be susceptible to identity theft intended to extract banking information. Manuel Moreno, Cybersecurity Advisor, IQSEC, tells MBN that criminal groups use AI to evade detection controls, exposing corporations to operational vulnerabilities.

Transition Toward Resilient Security Models

The investigation by the ministry may result in technical recommendations to correct vulnerabilities and strengthen access controls. A primary focus for 2026 is the adoption of the Zero Trust model. This framework operates on the premise of verifying every request and entity, which is essential for managing non-human identities and autonomous AI agents.

Implementing such models allows for complete traceability and prevents data leakage within federal infrastructure. The global average cost of a data breach reached US$4.88 million in 2024, while the average cost in Latin America was US$4.16 million. These figures suggest that under-investment in cybersecurity creates a permanent price for losing biometric identity.

The Ministry of Anticorruption and Good Government maintains that protecting personal data is a critical responsibility of the state. Future directives will likely emphasize the need for continuous audit mechanisms and workforce training to mitigate the risks associated with social engineering. If the participation of any public servant in criminal conduct is confirmed, the Ministry will provide the relevant evidence to the federal authorities to determine administrative or penal responsibilities.