A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.

Gambit Security has uncovered a major cyber incident in which a single hacker compromised nine Mexican government agencies by exploiting AI platforms, including Claude Code and OpenAI’s GPT-4.1. The attack, which took place between December 2025 and February 2026, highlights the growing misuse of advanced AI tools in executing large-scale cyber operations with unprecedented speed and efficiency.

The breach demonstrates how AI is reshaping the threat landscape, enabling attackers to automate complex tasks that would typically require an entire team of skilled professionals. According to findings shared by Gambit Security, the hacker leveraged Claude Code to execute nearly 75% of remote commands across compromised systems, dramatically accelerating the pace of the attack.

In total, the attacker issued 1,088 prompts that generated 5,317 commands across 34 active sessions. This allowed the hacker to rapidly map and exploit unfamiliar government networks within hours, effectively transforming AI platforms into force multipliers for cybercrime.

A critical element of the attack involved manipulating AI safeguards. The hacker reportedly bypassed security filters by posing as a participant in a legitimate bug bounty program. By feeding the AI systems a detailed hacking manual, the attacker trained them to conceal malicious activity, including automatically deleting traces such as system logs and history files.

The operation was further amplified through a custom-built tool, BACKUPOSINT.py, which enabled the extraction and analysis of sensitive data from 305 internal government servers. This data was processed through OpenAI’s GPT-4.1, generating over 2,500 structured reports that provided deep insights into server configurations. The AI effectively acted as an automated intelligence analyst, converting raw data into actionable attack strategies.

The impact of the breach was widespread and severe. At Mexico’s federal tax authority (SAT), the attacker gained access to approximately 195 million taxpayer records and even developed a mechanism to generate fraudulent tax certificates. In Mexico City, the hacker infiltrated systems containing over 220 million civil records by embedding a malicious scheduled task that enabled persistent access.

In Jalisco state, the attacker achieved full control over critical infrastructure, including a 13-node Nutanix cluster. This access extended to 37 database servers containing highly sensitive information, such as health records and data related to domestic violence victims, significantly raising concerns about data privacy and national security.

The attacker also deployed hundreds of custom scripts to exploit vulnerabilities across systems, targeting at least 20 known CVEs. Even when AI platforms initially resisted certain requests, the hacker was able to bypass restrictions by rephrasing prompts, underscoring the limitations of current AI safety mechanisms when faced with persistent adversaries.

The scale and sophistication of the attack were matched by the simplicity of the underlying vulnerabilities. Many of the compromised systems reportedly lacked basic cybersecurity hygiene, such as regular software updates, strong password management, and proper network segmentation – measures that could have significantly limited the breach.

This incident underscores a critical shift in cybersecurity dynamics. While AI continues to empower organizations with advanced defensive capabilities, it is equally enabling threat actors to identify vulnerabilities faster, automate exploitation, and overwhelm traditional security defenses.

The findings from Gambit Security serve as a stark warning for governments and enterprises worldwide: as AI tools become more accessible and powerful, cybersecurity strategies must evolve rapidly to address a new generation of AI-driven threats.
