Hackers Used Claude Code and GPT-4.1 to Breach Nine Mexican Government Agencies

A sophisticated cyberattack leveraging AI coding tools — specifically Anthropic’s Claude Code and OpenAI’s GPT-4.1 — resulted in the compromise of nine Mexican government agencies, with hundreds of millions of citizen records stolen. The campaign, which ran from late December 2025 through mid-February 2026, was disclosed on April 10 and represents one of the clearest documented cases of AI-accelerated offensive hacking at scale.

The attackers reportedly used Claude Code to rapidly develop exploitation scripts and GPT-4.1 to automate reconnaissance and data extraction across multiple government systems. The stolen data includes citizen identity records, tax information, and other sensitive government databases. Mexican authorities are working with international cybersecurity firms to assess the full extent of the damage and identify the threat actors.

Source

Reported by Cybersecurity News on April 10, 2026.

Commentary

This is the scenario that AI safety researchers have been warning about — frontier AI tools being weaponized to dramatically accelerate the attack lifecycle. What previously required specialized teams and weeks of development can now be prototyped in hours by a smaller group armed with AI coding assistants.

The uncomfortable reality: these aren’t jailbroken or modified models. Claude Code and GPT-4.1 are commercially available tools being used within their intended capabilities — writing code, automating tasks, and processing data. The distinction between “writing an exploit” and “writing code that happens to exploit a vulnerability” is razor-thin. This incident will undoubtedly intensify the debate around AI model guardrails, but the fundamental tension between capability and safety is not one that guardrails alone can resolve.