A single attacker used Anthropic's Claude and OpenAI's ChatGPT to compromise nine Mexican government agencies, stealing 195 million taxpayer records and voter data:
On February 25, 2026, Bloomberg published a story that would have sounded like fiction two years ago. A lone hacker, with no apparent ties to any government, used Anthropic's Claude chatbot to orchestrate a cyberattack against Mexico's federal and state government agencies. The campaign lasted roughly six weeks, from late December 2025 through January 2026. By the time it was over, the attacker had stolen 150 gigabytes of sensitive data -- including 195 million taxpayer records, voter registration files, government employee credentials, and civil registry data.
The hacker did not use custom malware. They did not deploy a zero-day exploit. They used a consumer AI subscription and a set of carefully written Spanish-language prompts. The AI did the rest.
The breach was uncovered not by any of the affected agencies, but by Gambit Security, an Israeli cybersecurity startup whose researchers stumbled onto publicly accessible conversation logs showing exactly how the attacker coaxed Claude into becoming an offensive hacking assistant. The paper trail was remarkably detailed -- a step-by-step record of how guardrails were tested, resisted, and ultimately bypassed.
"This reality is changing all the game rules we have ever known," said Alon Gromakov, Gambit Security's co-founder and CEO.
TFA goes on to list what was stolen, how Claude was weaponized and how the affected entities responded.
« Hackers Expose the Massive Surveillance Stack Hiding Inside Your “Age Verification” Check | Why LLM-Generated Passwords Are Dangerously Insecure »
Related Stories
Artificial intelligence and government officials warned that tech companies such as Anthropic and OpenAI are slated to deploy advanced models that are highly effective at hacking complex systems:
Anthropic is privately cautioning senior government officials that its upcoming model, presently known as “Mythos,” will increase the likelihood of massive cyberattacks in 2026, Axios reported. Axios CEO Jim VandeHei also reported that a source familiar with the upcoming models asserted a large-scale cyberattack may occur in 2026, with businesses being vulnerable targets.
Fortune also obtained a draft blog post from Anthropic characterizing “Mythos” as “currently far ahead of any other AI model in cyber capabilities.” The post further suggested that the model “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”
Moreover, Axios co-founder Mike Allen also asked OpenAI CEO Sam Altman whether he agreed there was a likelihood of a “world-shaking cyberattack” in 2026 during a Monday interview.
“I think that’s totally possible, yes,” Altman told Allen. “I think to avoid that, it will require a tremendous amount of work.”
Furthermore, OpenAI on Monday released a blueprint for how the government should handle AI, titled, “Industrial Policy for the Intelligence Age: Ideas to Keep People First.” The blueprint warns of cyberattacks resulting from advanced and prevalent AI models.
“As AI systems become more capable and more embedded across the economy, they may introduce new vulnerabilities alongside new abundance,” the blueprint states. “Some systems may be misused for cyber or biological harm.”
Related: A Hacker Used Claude to Breach Mexico's Government and Steal 150GB of Data
(Score: 0) by Anonymous Coward on Saturday February 28, @07:39PM (1 child)
Real hackers would go after the US/China/Russia and the mob/cartels and post the Epstein files and a list of the contractors Trump has stiffed.
(Score: 2) by Freeman on Monday March 02, @03:09PM
There's plenty of hackers that go after the US. China/Russia, somewhat sure, but you need to be careful who you turn into enemies. The USA, will potentially throw in the slammer for a couple of decades. China/Russia, prison for life and/or in the case of Russia, just accidentally a window. Going after Mobs/Cartels, that sounds like a very good way to end up in a shallow grave somewhere. Also, theoretically, the government is already going after the mob/cartels. Probably better off just joining one of the triple letter agencies, if you want to take down bad guys.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"