Hackers Utilize Claude AI Code in Sophisticated Mexican Government Cyberattack

Post Views: 6

Cyberattack on Mexican Government Utilizes AI-Powered Claude Code

A recent cyberattack on the Mexican government’s systems has highlighted the increasing threat of AI-powered attacks. According to Israeli cybersecurity startup Gambit Security, the attackers leveraged Anthropic’s Claude Code assistant to compromise ten government bodies and a financial institution, beginning with the country’s tax authority in late December 2025.

Attack Details

Gambit’s analysis of the attacker logs revealed that over 1,000 prompts were sent to Claude Code to facilitate the attacks. The attackers also utilized OpenAI’s GPT-4.1 to analyze data and accelerate the attack execution. By convincing the AI that all actions were authorized, the attackers were able to bypass the AI’s guardrails and utilize the assistant to write exploits, build tools, and automate exfiltration.

Impact of the Attack

The attack resulted in the exfiltration of over 150GB of data, including civil registry files, tax records, and voter data, exposing roughly 195 million identities. Gambit noted that the attack’s scale and sophistication were amplified by the use of AI, and that the recovery process will be long, disruptive, and expensive.

This incident marks the second time hackers have abused Claude Code in malicious campaigns. In November 2025, Anthropic revealed that Chinese threat actors manipulated Claude Code as part of an espionage campaign targeting nearly 30 organizations worldwide.

Implications and Reactions

The use of AI in cyberattacks has significant implications for national security, as the cost of entry for attackers is essentially non-existent. Red Sift CEO Rahul Powar emphasized that while AI offers enormous benefits, its misuse can lead to dangerous national security risks.

Previous Breaches

The Mexican government has faced several data breaches in recent months, including a breach by hacking collective Chronus Group, which claimed to have stolen 2.3TB of data from 25 government institutions. The data included names, phone numbers, dates of birth, and details about Mexico’s public universal healthcare system.

Cyber Threats in Latin America

The escalating cyber threats to Latin America, which faces over 3,000 cyberattacks per week, highlight the need for increased vigilance and safeguards against AI-powered attacks.