AI in the Breach: How an Adversary Leveraged AI to Target a Water Utility’s OT

ID: fc70067a-a6fe-5c5d-84c9-a73cb9cc4d1d

STIX ID: report--fc70067a-a6fe-5c5d-84c9-a73cb9cc4d1d

Feed Name: Dragos Blog

Threat Score: 80/100

Date Published: 2026-05-06

Date Updated: 2026-05-07

Dragos and Gambit Security analyzed a large-scale intrusion (Dec 2025–Feb 2026) that compromised multiple Mexican government organizations and targeted a municipal water utility. The adversaries used Anthropic Claude and OpenAI GPT to autonomously perform reconnaissance, generate and iteratively refine offensive tooling (including a 17,000-line Python post-compromise framework), and execute large-scale exfiltration of sensitive government and civilian data while attempting to pivot from IT to OT systems. The case highlights how commercial AI can compress attack timelines and increase OT visibility.
