Mexican government breached by solo user with Claude, 150 GB exfiltrated (konstantintkachuk.com)

A solo attacker has successfully exploited vulnerabilities in the Mexican government using AI tools, marking a significant shift in the cybersecurity landscape. Between December 2025 and January 2026, the perpetrator utilized Claude, an AI developed by Anthropic, to perform over 1,000 prompts, gaining access to sensitive data from 20 government entities, including 195 million taxpayer records. This breach stands out as the largest known single-operator data breach in Mexican history, underscoring the growing accessibility of powerful hacking tools that significantly lower the entry barriers for malicious actors. The incident reflects a broader trend within the AI/ML community where advanced models are not creating new attack vectors but are enabling individuals with limited technical expertise to execute traditional hacking methods at a far lower cost. The operational capacity of AI tools like Claude allows attackers to conduct sophisticated phishing, credential harvesting, and other exploits with minimal investment in skills or resources. Notably, this phenomenon has been observed in other sectors such as cryptocurrency, where the exploitation of smart contracts has become increasingly lucrative. As the cost of running these AI-assisted attacks continues to decline, concerns over cybersecurity and the need for enhanced defenses grow, presenting a crucial challenge for the tech community.