The Uffizi Galleries in Florence have confirmed they were subject to a cyber-attack - but denied that the security systems protecting their famous works had been compromised. The Uffizi stressed that nothing had been either damaged or stolen, after hackers were reported to have infiltrated the museum's IT systems and accessed sensitive security data.
Italian newspaper Corriere della Sera reported that hackers had infiltrated the museum's IT systems, allegedly extracting access codes, internal maps, and the locations of CCTV cameras and alarms, before issuing a ransom demand. But the Uffizi contested this account, saying its security systems were inaccessible from the outside.
The attackers appeared to have moved through interconnected systems, computers, and phones, gradually piecing together a detailed picture of the museum's operations. A ransom demand was later sent to museum director Simone Verde's personal phone, with a threat to sell the data on the dark web.
The Uffizi is home to some of Italy's most celebrated artworks, such as Botticelli's Birth of Venus and Primavera. Corriere reported the cyber-attack occurred between late January and early February, affecting not only the Uffizi but also its separate sites at Palazzo Pitti and the Boboli Gardens. The museum later clarified that the hack had taken place on 1 February.
Ever since the Louvre museum in Paris was raided in broad daylight in October and priceless historic treasures stolen, all major museums have had to reassess their security. The Uffizi stated that work already underway had been accelerated before and after the cyber-attack.
Their situation was nothing like the Louvre, they stressed, with analogue cameras replaced with digital ones following police recommendations made in 2024. Responding to claims that hackers found out the locations of security cameras and sensors, the Uffizi said there was no evidence whatsoever that the hackers possessed any maps of the security systems.
Overall, despite the cyber-attack, the Uffizi remains operational, with ticketing and public areas largely unaffected. Meanwhile, concerns surrounding museum security continue to grow in light of recent events.}
Italian newspaper Corriere della Sera reported that hackers had infiltrated the museum's IT systems, allegedly extracting access codes, internal maps, and the locations of CCTV cameras and alarms, before issuing a ransom demand. But the Uffizi contested this account, saying its security systems were inaccessible from the outside.
The attackers appeared to have moved through interconnected systems, computers, and phones, gradually piecing together a detailed picture of the museum's operations. A ransom demand was later sent to museum director Simone Verde's personal phone, with a threat to sell the data on the dark web.
The Uffizi is home to some of Italy's most celebrated artworks, such as Botticelli's Birth of Venus and Primavera. Corriere reported the cyber-attack occurred between late January and early February, affecting not only the Uffizi but also its separate sites at Palazzo Pitti and the Boboli Gardens. The museum later clarified that the hack had taken place on 1 February.
Ever since the Louvre museum in Paris was raided in broad daylight in October and priceless historic treasures stolen, all major museums have had to reassess their security. The Uffizi stated that work already underway had been accelerated before and after the cyber-attack.
Their situation was nothing like the Louvre, they stressed, with analogue cameras replaced with digital ones following police recommendations made in 2024. Responding to claims that hackers found out the locations of security cameras and sensors, the Uffizi said there was no evidence whatsoever that the hackers possessed any maps of the security systems.
Overall, despite the cyber-attack, the Uffizi remains operational, with ticketing and public areas largely unaffected. Meanwhile, concerns surrounding museum security continue to grow in light of recent events.}
