Breaches followed by IT cuts in Mexico

Five Mexican public institutions that suffered cyber incidents later cut their information-technology spending, with the steepest drop reaching 85% between 2018 and 2025. (eluniversal.com.mx) An analysis by *El Universal* and the Mexican Institute for Competitiveness found that at least six public institutions reported cybersecurity incidents between 2022 and 2025, and five of them reduced spending on informática over the past eight years. The biggest fall was in the Secretariat of Infrastructure, Communications and Transport and related agencies, where spending dropped from 1.79 billion pesos in 2018 to 265.5 million pesos in 2025, a real decline of 85.19%. (eluniversal.com.mx, vanguardia.com.mx) The same review identified cuts in the education sector led by the Secretariat of Public Education, which includes the National Autonomous University of Mexico, and in other exposed institutions including Petróleos Mexicanos and the National Water Commission. The figures were deflated to measure the real change in spending, not just nominal pesos. (eluniversal.com.mx, es-us.noticias.yahoo.com) The spending cuts landed after a run of breaches that hit universities, tax systems and other state networks. On April 11, *Infobae* reported that the first weeks of April had already brought mass data leaks, attacks on the Secretariat of the Navy and the Tax Administration Service, and ransomware cases affecting Mexican companies. (infobae.com) That April report described a structural problem: incidents are no longer isolated website defacements but breaches tied to leaked personal data, operational disruption and criminal monetization. Separate reporting in January had already pointed to a broader 2026 warning cycle after hacks at the National Autonomous University of Mexico and federal entities. (infobae.com, eleconomista.com.mx) The National Autonomous University of Mexico said on January 7 that it detected an unauthorized intrusion during the holiday period in five of its more than 100,000 computer systems and disabled the affected systems as a precaution. The university said the compromised systems did not contain databases for its more than 370,000 students, more than 43,000 teachers or administrative staff. (dgcs.unam.mx, jornada.com.mx) Outside the university system, pressure has also built at state-owned oil company Petróleos Mexicanos. *El Universal* reported in April 2024 that the company faced 2.608 million attempted cyberattacks per day on average in 2022 and 2023, more than triple the prior level, while the company has separately acknowledged continuing cybersecurity threats in filings and public reporting. (eluniversal.com.mx, elceo.com) Mexico has also been trying to build a national policy response while attacks keep arriving. In January, *Expansión* reported that the government was preparing its first National Cybersecurity Plan and a General Cybersecurity Law for 2026 through the Agency for Digital Transformation and Telecommunications. (expansion.mx) The new budget findings sharpen that debate: the institutions that most needed stronger defenses after breaches were, in several cases, spending less on the systems meant to prevent the next one. (eluniversal.com.mx, infobae.com)