AI Threats Affecting Government Institutions

How AI-enabled threats affect public administrative bodies — through compromised decision-making, data breaches, or loss of public trust. Includes agencies, ministries, and municipal governments.

organizations

How AI Threats Appear

For government institutions, AI-enabled threats most commonly surface through:

Compromised public decision-making — AI systems used in welfare, criminal justice, immigration, or taxation that produce biased, opaque, or erroneous decisions affecting citizens
Data breaches and surveillance overreach — Government AI systems that collect or process citizen data beyond their mandate, or that are compromised by external attackers
AI-generated disinformation — Synthetic media and AI-generated content targeting government credibility, public health messaging, or institutional legitimacy
Procurement and vendor risks — Dependency on commercial AI providers without adequate oversight, audit rights, or public accountability mechanisms
Erosion of public trust — Incidents involving government AI that undermine citizen confidence in institutional fairness and competence

Relevant AI Threat Domains

Discrimination & Social Harm — Biased AI in public services affecting equitable access
Privacy & Surveillance — Government surveillance systems and citizen data management
Information Integrity — AI-generated disinformation targeting public institutions
Human-AI Control — Loss of institutional oversight over AI-mediated public decisions

What to Watch For

Indicators of AI-related institutional risk:

Public-facing AI systems without transparent appeal or review mechanisms
AI procurement contracts that lack audit rights, explainability requirements, or performance benchmarks
Citizen-facing automated decisions with no human review pathway for complex cases
AI surveillance systems deployed without adequate legal basis or proportionality assessment
Cross-agency data sharing through AI systems without clear data governance frameworks

Regulatory Context

EU AI Act — Classifies many government AI applications (law enforcement, migration, social benefit administration) as high-risk with mandatory conformity assessments
NIST AI RMF — Provides federal guidance for AI risk management in US government contexts
OECD AI Principles — Establish international norms for trustworthy AI in public sector applications
Many jurisdictions require algorithmic impact assessments for government AI deployments

For classification rules and evidence standards, refer to the Methodology.

→ Explore AI Threat Domains

→ View documented Incidents

Last updated: 2026-03-03 · Back to Affected Groups

Incidents Affecting Government Institutions

Documented incidents where government institutions were directly affected by AI-enabled harm.

INC-24-0026

NYC MyCity AI Chatbot Advises Businesses to Break the Law

Information Integrity

System: MyCity chatbot, built on Microsoft Azure AI, cost approximately $600,000
Deployer: New York City government (launched October 2023 by Mayor Eric Adams)
Illegal advice documented: Taking workers' tips, refusing Section 8 vouchers, locking out tenants, no rent restrictions, incorrect minimum wage, refusing cash payments, concealing funeral prices

View record → INC-25-0011

Deloitte AI-Fabricated Citations in Government Advisory Reports

Human-AI Control

Fabricated content: Over 20 fabricated references in the Australian report, including non-existent academic papers
Fabricated legal citation: A quote was falsely attributed to a federal court judgment
AI tool used: Azure OpenAI, as disclosed by Deloitte

View record → INC-25-0016

Heber City AI Police Report Generates Fictional Content from Background Audio

Human-AI Control

Context: AI-assisted police report writing deployed in Heber City, Utah (December 2025)
Error: AI system incorporated dialogue from a Disney film into an official police report
Cause: Background audio from "The Princess and the Frog" was captured and processed as relevant input

View record → INC-25-0026

CrimeRadar AI App Sends False Crime Alerts Across U.S. Communities

Information Integrity

App: CrimeRadar by Scoopz Inc. (Mountain View, CA); over 2 million users; ~700,000 downloads in one recent month
Mechanism: AI speech-to-text converts police radio to alerts; system misinterprets routine chatter as violent crime reports
Key false alerts: "Firearms discharged at elementary school" (fire alarm pull), "officer shot" (charity event), false teen shooting (audio from wrong counties)

View record → INC-26-0011

Jailbroken Claude AI Used to Breach Mexican Government Agencies

Security & Cyber

Jailbreak method: Spanish-language prompts with role-playing as "elite hacker" in fictional bug bounty scenario<a href="#source-4">[4]</a>
Scale of prompting: Over 1,000 prompts sent to Claude Code; some information also passed to GPT-4.1<a href="#source-2">[2]</a>
Tools generated: Vulnerability scanning scripts, SQL injection exploits, automated credential-stuffing tools<a href="#source-1">[1]</a>

View record → INC-26-0001

Disrupting malicious uses of AI: June 2025 | OpenAI

Information Integrity

Source: openai.com
Date: 2026-02-18
Keywords matched:

View record → INC-24-0011

EU AI Act Enters Into Force as World's First Comprehensive AI Regulation

Systemic Risk

Legislation: Regulation (EU) 2024/1689 (EU AI Act)
Effective date: August 1, 2024 (entry into force); phased implementation through August 2026
Classification system: Four risk tiers (unacceptable, high, limited, minimal)

View record → INC-23-0001

AI Deepfake Impersonation Campaign Targeting Senior U.S. Government Officials

Information Integrity

Campaign duration: Active since at least January 2023 through present (as of December 2025)
Targets: Senior U.S. government officials, their personal contacts, family members, and professional acquaintances
Officials impersonated: White House staff, Cabinet-level officials, members of Congress, state governors

View record → INC-25-0001

AI-Orchestrated Cyber Espionage Campaign Against Critical Infrastructure

Security & Cyber

Threat actor: Suspected Chinese state-sponsored group designated GTG-1002
Method: Agentic AI (Claude Code) used to automate the majority of the cyber espionage workflow
AI autonomy: An estimated 80–90% of the attack was executed autonomously by AI

View record → INC-20-0001

Clearview AI Mass Facial Recognition Scraping

Privacy & Surveillance

Method: Automated scraping of facial images from publicly accessible websites and social media platforms
Database size: Over 30 billion images as of 2022
Clients: Primarily law enforcement agencies in the United States and other countries

View record → INC-23-0003

Italy Temporary Ban on ChatGPT for GDPR Violations

Privacy & Surveillance

Regulatory authority: Garante per la Protezione dei Dati Personali (Italian Data Protection Authority)
Duration of ban: March 31 to April 28, 2023 (approximately one month)
Grounds: Absence of legal basis for data processing, no age verification, inaccurate personal information generation, insufficient transparency

View record →

How to Read These Records

Each record documents a specific, verifiable event in which AI-enabled harm occurred.

Focus on observable impact, not technical implementation
Note the primary threat category and secondary intersections
Use sources and stable identifiers to verify context