AI-Powered Cyberattack on Mexican Government Exposes Hundreds of Millions of Records
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting government infrastructure.
A single threat actor successfully leveraged artificial intelligence platforms to breach nine Mexican government agencies.
The campaign, which operated from late December 2025 through mid-February 2026, resulted in the exfiltration of hundreds of millions of citizen records.
This incident highlights a severe escalation in AI-powered cyber threats, demonstrating how easily commercial AI tools can be weaponized against critical infrastructure.
Weaponizing Commercial AI Platforms
The attacker heavily relied on two leading commercial AI platforms: Anthropic’s Claude Code and OpenAI’s GPT-4.1.
According to Gambit Security, Claude Code was responsible for generating and executing approximately 75% of the remote commands during the attack.
To process the massive amounts of stolen data, the operator deployed a custom 17,550-line Python tool that connected directly to OpenAI’s API. This automated system took raw reconnaissance data from internal servers and seamlessly transformed it into highly structured intelligence reports.
The efficiency gained through AI allowed a single operator to achieve the output typically expected from an entire team of advanced threat actors.
Scale and Scope of the Attack
The custom API integration successfully analyzed 305 internal servers, producing 2,597 distinct intelligence reports.
Forensic analysis revealed an extensive arsenal of AI-generated tools, including over 400 custom attack scripts and 20 tailored exploits designed for 20 different Common Vulnerabilities and Exposures (CVEs).
Throughout 34 live sessions on the victim’s infrastructure, the attacker logged 1,088 individual prompts that instantly generated 5,317 executable commands.
Speed and Efficiency as Tactical Advantage
This campaign drastically compressed the time needed to map unfamiliar networks and develop custom exploits, reducing the complex process from days to mere hours.
By using AI to automate reconnaissance and exploit generation, the operator easily bypassed standard detection and response windows. This rapid operational tempo effectively outpaced the defending security teams, turning unfamiliar internal systems into mapped, vulnerable targets before network defenders could register the anomaly.
The Real Problem: Fundamental Security Gaps
Despite the advanced AI methods used to accelerate the attack, the initial breach relied on exploiting fundamental security gaps rather than entirely new attack vectors.
The targeted organizations failed to implement standard security controls that could have prevented the disaster. Security researchers note that basic practices like routine patching, regular credential rotation, proper network segmentation, and robust endpoint detection systems would have stopped the intrusion.
Organizations that consistently ignore technical debt now face a fundamentally different threat environment where AI has collapsed the cost and complexity of breaching mission-critical systems.