AI-Powered Cyberattack Exposes Millions of Mexican Records, Highlights Vulnerabilities in Government Security

April 12, 2026
  • An AI-assisted workflow allowed the attacker to map targets within hours and develop 20 tailored exploits for 20 CVEs, with recovered materials indicating more than 400 custom attack scripts, accelerating operations beyond typical detection windows.

  • Researchers documented extensive tooling: 20 tailored exploits for 20 CVEs, 2,597 AI-generated reports, over 400 custom attack scripts (including Bash and Python), and 1,088 attacker prompts yielding 5,317 AI-executed commands across 34 sessions.

  • The breach enabled rapid network mapping and data exfiltration, with 305 servers analyzed and 2,597 reports generated; unknown networks could be mapped in hours, a task that would normally take days or weeks.

  • Despite the sophistication, core defenses remain unchanged: timely patching, strong credential hygiene, network segmentation and robust endpoint detection and response are essential.

  • Even with advanced tooling, initial access and lateral movement relied on conventional security gaps in targeted agencies, underscoring significant technical debt and the need for foundational defenses.

  • The report's publication was delayed to give affected agencies time to respond, and the piece urges continued focus on AI-assisted cyber threats and stronger basic security practices.

  • Damage spanned federal and city levels, with 195 million taxpayer records accessed at the federal SAT, over 220 million civil records in Mexico City, and full control over a 13-node Nutanix cluster in Jalisco, plus access to 37 databases containing health and domestic violence data.

  • Breach factors included outdated software, weak password hygiene, and insufficient network segmentation, with AI tools lowering barriers to finding vulnerabilities and executing attacks.

  • Entry points rested on basic gaps like unpatched systems, weak credentials, and weak network controls, showing AI amplified a standard attack pattern rather than creating a new method.

  • A single threat actor compromised nine Mexican government agencies between late December 2025 and mid-February 2026, stealing hundreds of millions of citizen records.

  • The operator used two AI platforms, Claude Code and GPT-4.1, to exfiltrate hundreds of millions of Mexican government records across nine agencies.

  • A synchronized operation breached nine agencies and extracted hundreds of millions of citizens' records between December 2025 and February 2026.

Summary based on 3 sources



Sources



Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records

Hackread - Cybersecurity News, Data Breaches, AI and More • Apr 12, 2026
