The week of April 20-28, 2026, revealed a troubling reality: agentic AI systems are becoming both powerful tools for legitimate work and dangerous weapons for cybercriminals. The most striking example came from Mexico, where security researchers discovered that a single hacker had weaponized Claude Code and OpenAI's GPT-4.1 as autonomous agents to attack nine Mexican government agencies. These AI tools acted like digital workers, automatically executing thousands of commands across multiple hacking sessions. The attacker issued 5,317 different actions across 34 separate sessions, demonstrating the incredible speed and scale that AI agents can achieve. The breach exposed approximately 195 million taxpayer records and 220 million civil records, making it one of the most massive data thefts involving agentic AI. What made this attack especially concerning was how the hacker bypassed safety filters built into the AI systems through a technique called prompt manipulation and by injecting a hacking manual into the AI's instructions.

On a more positive note, Snowflake, a major cloud data company, took steps to protect against these emerging threats. The company announced that Cortex AI Guardrails are now generally available to customers. These guardrails work as a security layer that runs in real-time to block prompt injection attacks and jailbreak attempts on their Cortex Code system. Think of guardrails like security guards for AI systems—they catch bad guys trying to trick the AI into doing something harmful. Snowflake also launched Cortex Search request monitoring to help customers track how their AI search tools are being used, including watching for suspicious patterns. Additionally, the company expanded storage lifecycle policies to support archival on Google Cloud, giving businesses more options for protecting their data long-term.

Another security incident involved Context.ai, a third-party AI tool that connected to business systems through employees' personal accounts. At Vercel, an American cloud company, an employee granted Context.ai extensive permissions, including access to Google Cloud Platform resources. Unfortunately, Context.ai had already been compromised by attackers, who then used those permissions to break into Vercel's internal systems. The attackers were able to access and decrypt non-sensitive environment variables stored on the platform. This incident shows how AI tools, even helpful ones, can become security risks if they fall into the wrong hands.

Beyond these agentic AI security concerns, data protection experts worldwide have raised alarm bells about AI-generated imagery. Sixty-one data protection authorities from around the globe issued a joint statement warning that AI systems can now create realistic images and videos of real people without permission, creating serious privacy concerns. These artificial videos and images raise difficult questions: What happens when AI creates fake videos of someone? Who is responsible? How do we protect people's identities? These questions are becoming urgent as the technology improves rapidly.

Looking at the broader data privacy landscape this week, it's clear that agentic AI systems are changing how both businesses and criminals operate. Legitimate companies like Snowflake are racing to add security features to protect customers, while attackers in countries like Mexico are exploiting these powerful tools. The balance between using AI to make work easier and protecting everyone's data has never been more delicate. Organizations around the world need to understand these risks and implement strong security measures when working with AI agents.