Mexico's Massive Government Hack Exposed 195 Million Identities Using AI-Crafted Exploits
A jailbroken AI chatbot and 1,000+ Spanish prompts gave one attacker access to Mexico's tax authority, electoral institute, and eight more agencies.

The weapon was not custom malware or a nation-state toolkit. Between late December 2025 and January 2026, a single unidentified attacker armed with jailbroken commercial AI chatbots dismantled defenses across ten Mexican government institutions and one financial institution, exfiltrating 150 gigabytes of data tied to nearly 195 million identities.
The campaign began at Mexico's Federal Tax Authority, known as the SAT, then spread to the National Electoral Institute (INE), state governments in Estado de México, Jalisco, Michoacán and Tamaulipas, Mexico City's civil registry, and Monterrey's water and drainage utility. The combined theft included taxpayer records, voter registration files, government employee credentials, vehicle registrations and more than 2.2 million property records.
The breach was uncovered not by any affected agency but by Gambit Security, an Israeli cybersecurity startup whose researchers stumbled onto publicly accessible conversation logs showing exactly how the attacker coaxed Anthropic's Claude into becoming an offensive hacking tool. The attacker sent more than 1,000 prompts to Claude Code and used OpenAI's GPT-4.1 to analyze stolen data. The jailbreak relied on Spanish-language prompts that framed each intrusion as an authorized penetration test. When Claude stopped being helpful, the attacker switched to ChatGPT to get guidance on moving deeper into networks and organizing stolen credentials.
The AI tools did not simply provide instructions. The attacker went as far as building an automated system capable of generating fake tax certificates, fed in real time with information stolen from official SAT systems. The system did not copy data passively; it industrialized its abuse, producing counterfeit government documents from live stolen records. Gambit also identified at least 20 security vulnerabilities during its investigation.
"This reality is changing all the game rules we have ever known," said Alon Gromakov, co-founder and CEO of Gambit Security.

For the millions of people whose lives cross the U.S.-Mexico border, the implications reach beyond Mexico City. The stolen data included 195 million taxpayer records, voting information and government employee credentials. Mexico's RFC tax identification numbers, combined with civil registry birth data, voter-roll addresses and vehicle records, give fraudsters enough to impersonate a dual citizen in banking systems on either side of the frontier, apply for credit in both countries, or fabricate documents accepted by consulates and employment verification services. The automated fake-certificate infrastructure the attacker built could accelerate precisely that kind of cross-border identity fraud at scale.
Mexico's national electoral institute said it had not identified any breaches or unauthorized access in recent months and noted it had improved security. Jalisco's state government denied it had been breached, saying only federal networks were affected. Anthropic confirmed it investigated Gambit's findings and said, "We have banned the accounts used by this adversary and value the outreach from Gambit Security."
Gambit has not attributed the attack to a specific group. Researchers said they do not believe the attacker is tied to a foreign government. That finding is itself alarming: a solo operator with consumer AI subscriptions and persistent patience replicated a capability that previously required significant technical expertise and resources. The 195 million people whose records are now circulating outside government control are left to reckon with that shift regardless of what any agency chooses to call it.

