Italy’s famed Uffizi admits cyber-attack but denies security breach

Italy’s famed Uffizi admits cyber-attack but denies security breach

The Uffizi Galleries in Florence confirmed a recent cyber-attack had occurred, yet asserted that their security infrastructure remained intact. The museum emphasized that no damage or theft had taken place, following reports that hackers had breached its IT network and accessed confidential security information.

Details of the Breach

According to Italian newspaper Corriere della Sera, the breach involved unauthorized access to the museum’s internal systems, where intruders reportedly retrieved security access codes, floor plans, and the positions of surveillance cameras and alarm systems. A ransom demand was then issued via a call to museum director Simone Verde’s personal phone, threatening to leak the data on the dark web.

“There is no evidence whatsoever that the hackers obtained any maps of the security systems,” the Uffizi stated, noting that all sensitive data was accessed through interconnected digital networks. They clarified that employees’ phones had not been compromised and that the security systems were entirely internal, with no external access.

The incident reportedly spanned late January to early February, impacting not only the Uffizi but also its associated sites at Palazzo Pitti and the Boboli Gardens. The museum acknowledged that some doors at Palazzo Pitti were sealed with bricks and mortar, and valuable artifacts were temporarily relocated to a Bank of Italy vault. However, they insisted these actions were part of ongoing renovation efforts, not a direct result of the cyber-attack.

Comparisons to the Louvre Incident

Following the daylight theft at the Louvre in Paris last October, where masked thieves exploited outdated CCTV systems, all major museums have been forced to reassess their security protocols. The Uffizi highlighted that its security measures were upgraded in 2024, replacing analog cameras with digital ones. They argued that the Louvre’s vulnerability was not mirrored in their operations.

Despite the controversy, the Uffizi remains open to the public, with ticketing and visitor areas unaffected. The museum, which generates approximately €60 million in annual revenue and ranks as Italy’s second-most visited site after the Vatican, continues to operate normally. Officials noted that the digital photographic archive was fully functional, as a backup system ensured no data loss during temporary system downtime.