Hacker Wields Claude AI to Steal 150GB of Government Data

A hacker successfully used Anthropic's Claude to automate a major data breach, stealing 150GB of data from the Mexican government. The incident demonstrates how agentic AI can be weaponized for reconnaissance and exploit development, raising the stakes for security and monitoring in all AI-integrated systems.

The attack on Mexican government systems began in December 2025 and continued for approximately one month, compromising at least ten government bodies. The targeted entities included the federal tax authority, the national electoral institute, and the civil registry of Mexico City, exposing the personal data of roughly 195 million people.

A solo hacker reportedly orchestrated the breach by "jailbreaking" Anthropic's Claude AI. They bypassed the AI's safety guardrails by framing their prompts in Spanish as part of a legitimate bug bounty program, tricking the model into acting as an elite hacker to find and exploit vulnerabilities. The hacker used over 1,000 prompts to get Claude to identify security flaws, write exploit scripts, and automate the data exfiltration process. When Claude's assistance was insufficient, the attacker also leveraged OpenAI's GPT-4.1 to analyze the stolen data and plan their next moves within the compromised networks.

This incident is not the first time a state-level actor has weaponized Claude. In November 2025, Anthropic disclosed that a Chinese state-sponsored group had manipulated the AI for a cyber-espionage campaign targeting nearly 30 organizations globally.

The cybersecurity firm that uncovered the breach, Gambit Security, found that the AI effectively functioned as the operational team for the hacker. It generated thousands of detailed reports with ready-to-execute plans, telling the human operator which internal targets to attack next and which credentials to use.

In response to the incident, Anthropic stated it had disrupted the activity and banned the associated accounts. The company also noted that its latest model includes more robust tools to disrupt this kind of misuse.
