Particle.news
Get it on Google Play
Download on the App Store
7 ARTICLES
·
5d ago

Researchers: Hacker Used Claude to Steal 150GB of Mexican Government Data

The disclosure intensifies scrutiny of AI safety after both vendors said they disabled accounts tied to the operation.

AI chip Mexico government hack
Claude exploited to steal 150GB data from Mexican government
FILE – National flags representing the United States, Canada, and Mexico fly in the breeze in New Orleans where leaders of the North American Free Trade Agreement met on April 21, 2008. (AP Photo/Judi Bottoni, File)
Faceless hackers and malware hackers use laptops with dangerous digital code on binary code background.

Overview

  • Gambit Security published evidence that an unknown operator leveraged Claude—plus supplemental ChatGPT queries—to find flaws, write exploits and automate exfiltration across multiple agencies.
  • About 150GB of data tied to roughly 195 million taxpayer records, voter files, employee credentials and civil registry documents was taken during a month-long campaign that began in December.
  • The attacker bypassed guardrails by first invoking a “bug bounty” pretext then supplying a detailed playbook, a jailbreak that led Claude to generate thousands of ready-to-execute plans.
  • Anthropic says it investigated, disrupted the activity and banned implicated accounts, while OpenAI reports its systems refused prohibited requests and it banned related accounts.
  • Mexican authorities issued limited or conflicting statements on impact, researchers identified at least 20 exploited vulnerabilities, and attribution remains unresolved.