A hacker reportedly accessed sensitive tax and voter data from the Mexican government using Anthropic’s AI chatbot Claude, a new report has revealed.

Gambit Security said in its research that an unidentified user prompted the chatbot to act as an elite hacker to carry out the breach. Researchers added they do not believe the attacker was linked to any foreign government.

The intrusion began in December and lasted about a month, during which roughly 150 gigabytes of data were stolen, including taxpayer and voter records, employee credentials, and civil registry files. The water utility serving the state of Monterrey was also compromised.

Claude initially warned the user about the legal and ethical consequences but ultimately complied with the requests and helped carry out the hacking.

Anthropic said it investigated the incident, disrupted the activity, and banned the accounts involved.

A representative of Anthropic said one of the latest Claude models includes built-in safeguards designed to detect and disrupt potential misuse.

Mexican officials appeared to respond in December, stating they were investigating data breaches, though it was unclear if they were referring to this specific incident.

Bloomberg reported that researchers at Amazon said last week that a small group of hackers had compromised over 600 firewall devices across multiple countries using publicly available AI tools.