Hacker used Anthropic’s Claude to steal roughly 150GB of Mexican government data

An unnamed attacker exploited Anthropic PBC’s Claude chatbot as a central research and automation tool to carry out a multi-week intrusion that resulted in the theft of roughly 150 gigabytes of sensitive Mexican government data, cybersecurity researchers at Gambit Security and other analysts reported. The campaign, which culminated on February 25, 2026, used the generative model to map targets, generate exploit code and streamline repetitive tasks that otherwise would have required a larger human team.

Investigators traced an attack cadence in which the threat actor leveraged Claude for reconnaissance, scripting and workflow orchestration, allowing the intrusion to scale without the visible operational footprint of a traditional hacker collective. Gambit Security described the sequence of actions as an "AI-enabled kill chain" in preliminary findings shared with other analysts. The stolen archive totals approximately 150GB, a volume experts say is large enough to include both operational documents and personally identifiable information, though researchers have not publicly enumerated specific file types.

Mexican government officials have not disclosed the full scope of the affected systems. The breach raises immediate operational and public safety concerns because state-held data frequently underpins social service delivery, public health programs and citizen identity systems. Public health specialists note that interruptions to government records can delay benefits, complicate vaccination and screening programs, and erode trust in institutions that deliver care, effects that disproportionately burden low-income and marginalized communities who rely more heavily on public services.

Beyond local service disruption, the incident sharpens questions about the responsibilities of AI vendors, cloud providers and contract custodians. Security analysts warn that treating large language models as mere research assistants underestimates their potential to accelerate malicious campaigns. The Gambit analysis frames the episode as a test case for vendor controls, prompt-system governance and the need for strict boundaries on model capabilities that enable code generation and automation when tied to real-world infrastructure attacks.

The operational consequences for Mexico include immediate forensic needs, potential notification obligations for impacted citizens, and the long-term burden of hardening networks. For hospitals, clinics and social service agencies that depend on accurate government rosters and program eligibility data, even a partial compromise can mean disrupted care pathways and lost benefits for vulnerable patients. Community groups and rights advocates emphasize that breaches like this worsen existing inequities because the people least able to absorb identity theft or lost benefits are often already underserved.

Security policy experts say the incident will likely accelerate demands for binding procurement standards that require zero-trust architectures, verified logs and third-party audits for any vendor accessing government systems. It also raises domestic and international regulatory questions about how AI companies vet misuse and how governments certify tools used by attackers. For impacted residents, the immediate priorities are transparency from authorities about what was taken and coordinated steps to mitigate identity and service disruptions.