Gambit Security

An AI agent wiped a production database, 2.5 years of data, and every snapshot with a single Terraform command. Assuming business continuity in the age of AI is not an option. The question isn't "could this happen to us?" It's "how do we get back to business?" Gambit answers that continuously, automatically, before an incident forces the answer on you.

@CyberIL העולם משתנה וגם תפיסת ההגנה צריכה להשתנות. @eyalsela ב-@gambit_security מצא וחקר את האירוע - אחת הפריצות הממשלתיות הגדולות ביותר, שבוצעה כמעט לגמרי על ידי AI. gambit.security/blog-post/prev…

דיווח מעניין של בלומברג על תוקף שהצליח לעקוף את ההגנות של קלוד ולהשתמש בו כדי לפרוץ ולגנוב מידע ממשרדי ממשלה במקסיקו ☁️ לפי הדיווח, לאחר שהתוקף הצליח לעקוף את ההגנות של קלוד, הוא קיבל מקלוד אלפי תכניות פעולה הכוללות חולשות שמצא, איך לתקוף, באילו נתוני ה… t.me/CyberSecurityI…

9 government organizations hit, 195M identities and tax records, 15.5M vehicle registry records, 3.6M property owner records, and more. All by a small group with the same AI tools everyone uses. The uncomfortable truth: only 5% of enterprises can actually recover from an attack like this. The rest are running on assumptions nobody's validated. Outsmart Disruption. Gambit Blog: gambit.security/blog-post/prev…

Times Square. Nasdaq. Us. Thank you for noticing, Nasdaq. We're just getting started.

@DeItaone We found this. Attackers do scale exponentially while defenders scale linearly. Resilience is the way to close that gap.

HACKER USED ANTHROPIC’S CLAUDE TO STEAL SENSITIVE MEXICAN DATA A hacker used Anthropic’s Claude chatbot to breach Mexican government systems, stealing 150GB of sensitive data, including taxpayer and voter records. Researchers at Gambit Security say the attacker used AI to find vulnerabilities, write attack scripts, and automate theft—eventually bypassing safeguards through repeated “jailbreak” attempts. The breach hit multiple agencies across Mexico, highlighting how AI is accelerating cybercrime. Bottom line: AI is becoming a powerful tool for hackers, raising urgent cybersecurity risks.

@elonmusk We're @gambit_security - our researchers found and disclosed this. The hard lesson: knowing you won't be hit is not a strategy. Knowing you'll recover is.

@Osint613 We identified and disclosed this attack. 150GB gone - and most orgs still can't answer: what recovers clean, how fast, at what cost? Detection is one layer. Resilience is the whole answer.

A hacker exploited Anthropic’s Claude AI to break into Mexican government systems, making off with roughly 150GB of data, including 195 million taxpayer records. Researchers say the attacker “jailbroke” the AI to skirt safeguards. Both Anthropic and OpenAI have banned the accounts.

@Techmeme Our researchers found and disclosed this. The real question it surfaces: when disruption hits, does your stack actually hold and recover? Most organizations still can't prove it.

Gambit Security: an unknown hacker used Claude to steal 150GB of Mexican government data, including 195M taxpayer records, in December 2025 and January 2026 (Bloomberg) bloomberg.com/news/articles/… #a260225p24" target="_blank" rel="nofollow noopener">techmeme.com/260225/p24#a26… 📥 Send tips! techmeme.com/contact

@ns123abc We're @gambit_security - our researchers identified and disclosed this attack. This is exactly why resilience isn't optional: threats evolve faster than defenses adapt. The only sustainable answer is knowing your systems will recover when something gets through.

🚨 BREAKING: Hackers Used Anthropic’s Claude to Steal 150GB of Mexican Government Data > tell claude you’re doing a bug bounty > claude initially refused >“that violates AI safety guidelines” > hacker just kept asking > claude: “ok I’ll help” > hack the entire mexican government Federal tax authority. National electoral institute. Four state governments. 195 million taxpayer records. Voter records. Government credentials. ALL GONE 💀

A s/o from Elon Musk on the day we launch is quite a grand entrance. Risk management is broken. Resilience is the priority.

Today we exposed how Claude was exploited to steal sensitive Mexican data. Attackers scale exponentially. Defenders scale linearly Risk management is broken. Resilience is the priority. Appreciate the @elonmusk s/o on our launch day. 🚀 gambit.security