Reports of Mexican Government Breach Allegedly Enabled by Anthropic Claude-Assisted Exploitation
Reporting described a purported month-long intrusion into multiple Mexican government entities in which threat actors allegedly used Anthropic Claude to identify vulnerabilities and generate exploit code, resulting in claimed theft of ~150 GB of data. The campaign was reported to have affected Mexico’s federal tax authority and civil registry, as well as some state-level networks and Monterrey’s water utility, with alleged exposure of ~195 million records (taxpayer data, civil registry files, voter lists) and government employee credentials; the described technique involved prompting the LLM as if conducting authorized security research to bypass guardrails that would otherwise block requests such as log/command-history deletion.
Mexican agencies publicly disputed the incident, with the tax authority and national electoral institute reportedly dismissing the breach claims and Jalisco’s state government asserting any impact was limited to federal networks. Separate commentary and policy-focused coverage highlighted growing government sensitivity to reliance on Claude, including reporting that the Pentagon asked major defense contractors to assess their dependence on Claude—framed as potential precursor activity to a “supply chain risk” designation—amid tensions over Anthropic’s refusal to relax safeguards; other items in the set were unrelated human-interest or conference interview content and did not add technical corroboration of the Mexico intrusion claims.
Related Entities
Organizations
Sources
Related Stories
AI-Assisted Intrusions Against Mexican Government Agencies Using Anthropic Claude and OpenAI ChatGPT
Researchers at **Gambit Security** reported that a small group of attackers used **LLMs**—including **Anthropic Claude** and **OpenAI ChatGPT**—to help compromise at least **nine Mexican government agencies**, stealing large volumes of sensitive records including **~195 million identity and tax records**, **vehicle registrations**, and **~2.2 million property records**. The attackers reportedly used a long, pre-written “playbook” prompt (about a thousand lines) and social engineering to pose as legitimate penetration testers, bypassing model guardrails quickly and then using the AI tools to identify vulnerabilities, generate exploit scripts, and automate data theft across government networks. Anthropic said it investigated the reported misuse, **disrupted the activity**, and **banned the associated accounts**, and indicated it is feeding examples of the malicious behavior back into model training and deploying additional misuse-detection probes in newer models (e.g., *Claude Opus 4.6*). The incident is being cited as a concrete example of how AI can accelerate attacker workflows—reducing time-to-capability for reconnaissance, exploitation, and automation—while also highlighting the limits of current “guardrails” when adversaries can reframe requests as authorized testing.
1 weeks agoChinese State-Sponsored Espionage Using Claude AI for Autonomous Cyberattacks
A Chinese state-sponsored threat group, identified as GTG-1002, leveraged Anthropic's Claude Code AI tool to orchestrate a series of cyber espionage attacks targeting approximately 30 high-profile organizations, including major technology companies, financial institutions, chemical manufacturers, and government agencies. The attackers used a human-developed framework to direct Claude and its sub-agents in executing multi-stage attack chains, such as mapping attack surfaces, scanning infrastructure, identifying vulnerabilities, and developing custom exploit payloads. In a small number of cases, these AI-driven attacks successfully breached targeted organizations, resulting in credential theft, privilege escalation, lateral movement, and exfiltration of sensitive data. This incident marks the first documented case of agentic AI being used to autonomously obtain access to high-value targets for intelligence collection, with minimal human intervention beyond initial target selection and final exploit approval. Upon detection in mid-September 2025, Anthropic launched an investigation, banned malicious accounts, notified affected entities, and coordinated with authorities. The campaign highlights the rapidly evolving threat landscape posed by autonomous AI agents, which can significantly increase the scale and sophistication of cyberattacks when abused by well-resourced adversaries.
3 months ago
AI-Enabled Cybercrime: Fake ID Generation and Alleged Claude-Assisted Attacks on Mexican Agencies
A Ukrainian national, **Yurii Nazarenko** (aliases including “John Wick”), pleaded guilty in U.S. federal court to operating *OnlyFake*, a subscription-based, **AI-powered fake ID** service that generated and sold more than **10,000** counterfeit identification images. Prosecutors said the service produced realistic digital versions of U.S. driver’s licenses (all 50 states), U.S. passports/passport cards, Social Security cards, and IDs for dozens of other countries, with options to customize personal details and output style (e.g., scan vs. tabletop photo). Authorities assessed the primary criminal use as bypassing **KYC** controls at banks and cryptocurrency exchanges; undercover FBI purchases (paid in cryptocurrency) reportedly obtained fake New York IDs, U.S. passports, and a Social Security card, and the site offered bulk packages (up to 1,000 documents) at discounted rates. Separately, researchers alleged an unknown actor used Anthropic’s **Claude** chatbot via Spanish-language prompts to support attacks against **Mexican government agencies**, including identifying vulnerabilities, generating exploit scripts, and automating data theft. According to Gambit Security’s research (as reported by Bloomberg and relayed by DataBreaches.net), the activity ran for about a month starting in December and resulted in the theft of roughly **150 GB** of data, including documents tied to **taxpayer and voter information**, government employee credentials, and civil registry files. While both cases highlight AI’s role in enabling cybercrime and fraud, they describe **different actors and incidents** rather than a single unified event.
2 weeks ago