A small, unknown band of hackers pulled off what is described as history’s first recorded AI-directed cyberattack, stealing data from the government of Mexico before failing to bridge from IT systems to OT systems. Between December 2025 and February 2026, the group targeted at least nine Mexican government entities, including the Servicio de Administración Tributaria and the National Electoral Institute, as reported by Gambit Security.
The attackers leaned on Claude Code to generate an exploitation framework and to guide them through exploiting each system, but they were stymied when their AI-assisted efforts couldn’t convert IT access into OT access, leaving them with only procurement and vendor records from the IT network. A Dragos report notes a later episode at Monterrey’s water and drainage utility, where Claude’s guidance pointed to a gateway, yet the outcome remained limited.
The piece quotes Eyal Sela describing the episode as illustrating both the potential and the limits of large language models in cyberattacks, while Dragos associate Jay Deen emphasises the role of AI in reducing the time and expertise needed to identify IT weaknesses rather than bypassing mature security controls.