Stay updated with the latest Cybersecurity News on our TecnetBlog.

AI Students Exposed: How Weak Government Security Endangers Youth

Written by Gustavo Sánchez | Nov 21, 2025 1:00:01 PM

During the first days of the new Public Training Center for Artificial Intelligence—promoted by the government as “the largest in Latin America”—hundreds of young people proudly shared their acceptance into the program. Hashtags like #LabMexIA, #MéxicoPaísDeInnovación, and #EstudioIAGratis spread across social media as students and families celebrated what seemed like a major opportunity for social mobility.

But while authorities showcased the project, organized crime was already watching the conversation. For many criminal groups, a young person learning AI is not just a student: it’s a strategic asset. A valuable profile for developing tools, automating illicit operations, and strengthening criminal capabilities.

And in a country where digital recruitment is rapidly expanding, the massive exposure of these students’ data has become a real threat.

 

Organized Crime Is Already Using Social Platforms to Recruit Youth

 

According to the Strategic Governance Mechanism (updated in 2024), 27% of youth recruitment happens exclusively through digital platforms. TikTok, Instagram, WhatsApp, Discord, Twitch, and games like Free Fire, Fortnite, Call of Duty, and Roblox serve as channels to contact, persuade, and manipulate teenagers.

The offers sound irresistible:

 

  1. Payments from 15,000 to 50,000 pesos per month

 

  1. Virtual rewards

 

  1. Deposits via convenience stores

 

  1. “Work-from-home” jobs as programmers or cybersecurity techs

 

But once inside, young people are pressured into criminal tasks: surveillance, drug dealing, extortion, virtual kidnapping, or even violent activities.

Criminals know exactly how to exploit the economic and emotional needs of vulnerable youths.

 

A Perfect Context for Recruitment: Vulnerable Students and Exposed Data

 

Seven out of ten minors recruited by criminal groups come from homes affected by violence, poverty, or emotional neglect. That same vulnerability is present among the 10,000+ students enrolled in the new AI Center—many from public schools and low-income households.

For them, learning AI could provide a real path toward better income. But that same motivation makes them ideal targets for deceptive job offers.

On top of this, hundreds of students publicly posted their name, city, school, photo, and training location—making it extremely easy for criminal groups to locate them. No government database needs to be hacked; a simple scroll on TikTok or Instagram is enough.

And unfortunately, the government’s recent cybersecurity track record does not inspire confidence.

 

Learn more: Mexico at a Crossroads: Build a Strong Cybersecurity Strategy

 

Government Cybersecurity Failures Have Already Opened the Door

 

During 2025, Mexico’s Ministry of Education (SEP) suffered multiple incidents:

 

  1. Breaches of educational platforms in April

 

  1. A leak of 75,000 scholarship students in Mexico City between May and June

 

  1. Compromised databases in four states in October

 

  1. No public clarifications throughout November

 

At TecnetOne, we analyzed these events and the pattern is clear: there is no serious data protection strategy in the educational sector.

If scholarship programs suffered massive leaks, what could happen to a program that concentrates highly visible, tech-driven youth?

To make things worse, internal sources confirmed:

 

  1. No protection protocol against digital recruitment

 

  1. No agreements with TikTok, Meta, Discord, or Twitch to monitor cartel-linked accounts

 

  1. No clear cybersecurity policy for students

 

In summary: thousands of students have been exposed without even basic protection.

 

Six Program Locations Are in High-Risk Recruitment Zones

 

The first ten centers opened in areas already facing severe digital recruitment issues:

 

  1. Tláhuac (Mexico City)

 

  1. Tijuana (Baja California)

 

  1. Cuernavaca (Morelos)

 

  1. Puebla

 

  1. Morelia (Michoacán)

 

  1. Ciudad Victoria and Tampico (Tamaulipas)

 

These regions are already targeted by cartels combining territorial control with sophisticated digital campaigns. Analysts have identified tactics such as:

 

  1. Bots in video games tracking players by location

 

  1. Fake job offers aimed at teens in cartel-influenced neighborhoods

 

  1. Accounts posing as tech companies

 

  1. Videos of teens volunteering themselves to criminal cells due to financial need

 

With a massive program like the AI Center, criminals need only sit back and wait for students to expose themselves.

 

The Perfect Target: Young People with Technical Training

 

Criminal groups are not just looking for cheap labor—they want specialized talent.

Between 2022 and 2025, authorities documented cases of youth recruited for:

 

  1. Facial recognition using city cameras

 

  1. Deepfake creation for extortion

 

  1. Mass recruitment bots

 

  1. Database analysis

 

  1. Operation of AI-assisted armed drones

 

  1. Automated phone extortion chatbots

 

  1. Encrypted communication systems

 

These are exactly the skills the Public AI Center will teach thousands of students.

For organized crime, this is not a coincidence—it’s an opportunity.

 

Similar titles: Is the Mexican Government Being Hacked by Its Own Employees?

 

How Exposed Are the Students Really?

 

Even though enrollment is managed through Llave MX, the application process was public. And without any control over what students posted, many publicly shared:

 

  1. Full name

 

  1. School

 

  1. City

 

  1. Schedule

 

  1. Training location

 

  1. Photos and personal information

 

For a criminal, this is pure gold. No need to hack any database—just basic OSINT tools (the same we use at TecnetOne for corporate investigations) are enough to build student profiles.

The risk isn’t only from technical leaks: voluntary exposure is already enough.

 

The Core Problem: It’s Not Just Cybersecurity—It’s a Lack of Strategy

 

While the government celebrates the new center as a symbol of “technological sovereignty,” there is no:

 

  1. Action plan for attempted recruitment

 

  1. Psychological support protocol

 

  1. Monitoring of social platforms for suspicious interactions

 

  1. Digital risk awareness campaigns

 

  1. Collaboration with tech platforms

 

  1. Cybersecurity teams focused on student protection

 

Without these measures, young people remain defenseless.

And the cartels already dominate the digital game.

 

The Threat Is Real, Not Hypothetical

 

If, in the coming months, a case emerges of a student collaborating with CJNG or the Sinaloa Cartel, it would not be a surprise. Their data has been public for weeks, cartels actively operate online, and thousands of students face economic vulnerability.

The alarming part? This exposure was entirely avoidable.

And while the government celebrates the project, the real risk falls on the students.
View full post