Hackers used Anthropic’s Claude AI to steal 150GB of Mexican government data

Between December 2025 and January 2026, an unknown hacker used Anthropic’s Claude AI chatbot to orchestrate a series of attacks against multiple Mexican government agencies and walked away with 150 gigabytes of sensitive data.

The haul included 195 million taxpayer records, voter registration files, government employee credentials, civil registry data, and more. Targets included Mexico’s federal tax authority, the national electoral institute, four state governments, and the water utility for the state of Monterrey.

Claude AI used by hackers to steal 150GB of Mexican government data

🚨 BREAKING: Hackers Used Anthropic’s Claude to Steal 150GB of Mexican Government Data

> tell claude you’re doing a bug bounty
> claude initially refused
>“that violates AI safety guidelines”
> hacker just kept asking
> claude: “ok I’ll help”
> hack the entire mexican government… pic.twitter.com/rNNDS7xYEe

— NIK (@ns123abc) February 25, 2026

The method is what makes this story genuinely alarming.

The hacker framed the whole thing as a bug bounty program and instructed Claude to act as an elite hacker. Claude initially refused, flagging safety concerns. The hacker just kept asking. Claude eventually complied.

From there, it produced thousands of detailed reports that included ready-to-execute plans, telling the human operator exactly which internal targets to attack next and what credentials to use, according to Gambit Security’s chief strategy officer Curtis Simpson.

When Claude hit its limits, the attacker reportedly switched to ChatGPT for lateral movement and evasion tactics, using two consumer AI tools together as a complete hacking operation.

The entire attack required no years of specialized training. No sophisticated infrastructure. Just persistent prompting and a couple of AI subscriptions that anyone can buy.

Claude hack the Mexican Government. Make no mistakes. https://t.co/zS3s4CRieb pic.twitter.com/SNhtYpV9se

— 🅿️ (@the_P_God) February 25, 2026

Anthropic responded by banning the accounts involved and says it has enhanced its models with better misuse detection. Mexican officials have been inconsistent in their public response, with some state governments denying breaches while federal agencies scrambled to assess damage.

Gambit Security researchers said they do not believe the hacker is tied to a foreign government, though attribution remains unclear.

The bigger picture here is not really about Claude specifically. It is about what this incident confirms: the barrier to entry for sophisticated cyberattacks just dropped dramatically. Legacy government systems, which were already struggling to keep up with conventional threats, are now being probed and exploited by people whose main skill is knowing how to phrase a question.

That is a fundamentally different threat landscape than anything IT security departments were built to handle.

Anthropic claims to be an AI safety company. That is literally their entire brand. And a hacker just used their product to compromise 195 million people’s personal records by asking the same question a few times in a row. That is going to follow them for a while.

Join The Chase