Bloomberg: Hacker Used Anthropic's Claude to Steal Mexican Data Trove

On February 25, 2026, Bloomberg's Andrew Martin and Carolina Millan published an in-depth report on Gambit's research into one of the largest government breaches on record. The piece details how an unknown attacker used Anthropic's Claude as an operational tool, issuing over 1,000 Spanish-language prompts to find vulnerabilities, write exploits, and automate data theft across Mexican government networks.
Bloomberg cited Gambit research throughout. The investigation found that ten government bodies and one financial institution were affected, approximately 195 million identities exposed, and roughly 150 GB of data exfiltrated — including tax records from the federal tax authority, voter records from the national electoral institute, civil registry files from Mexico City, and government employee credentials from state administrations in Jalisco, Michoacán, and Tamaulipas. The attacker operated as a single individual but achieved the operational scale of a nation-state team.