The Uffizi Galleries in Florence has confirmed they were subject to a cyber-attack - but denied that the security systems protecting its famous works had been compromised. They stressed that nothing had been either damaged or stolen, after hackers were reported to have infiltrated the museum's IT systems and accessed sensitive security data. Italian newspaper Corriere della Sera reported that hackers had infiltrated the museums' IT systems, allegedly extracting access codes, internal maps and the locations of CCTV cameras and alarms, before issuing a ransom demand. But the Uffizi Galleries contested this account, saying its security systems were inaccessible from the outside. The attackers appeared to have moved through interconnected systems, computers and phones, gradually piecing together a detailed picture of the museum's operations, Corriere reported. A ransom demand was later sent to museum director Simone Verde's personal phone, the newspaper said, with a threat to sell the data on the dark web. The Uffizi is home to some of Italy's most celebrated artworks, such as Botticelli's Birth of Venus and Primavera. Corriere said the cyber-attack occurred between late January and early February, affecting not only the Uffizi but also its separate sites at Palazzo Pitti and the Boboli Gardens. Ever since the Louvre museum in Paris was raided in broad daylight in October and priceless historic treasures stolen, all major museums have had to reassess their security. The Uffizi said work that was already under way had been accelerated both before and after the cyber-attack. Its situation was 'nothing like the Louvre', it stressed, with analogue cameras replaced with digital ones, following recommendations made by the police in 2024. Responding to claims that the hackers had found out the location of surveillance cameras and sensors, it said there was 'no evidence whatsoever that the hackers possessed any maps of the security systems'. Anyone walking through the museum could see were the cameras were, as was the case with any public space, it said, so there was little surprise that their location had been found out. 'No passwords were stolen - none whatsoever - because the security systems are entirely internal and closed-circuit,' it said, adding that employees' phones had also not been compromised by the hack. Two floors of the Palazzo Pitti, normally housing the 'Medici Treasure', were reported to have been closed since February 3, with valuable items temporarily transferred to a Bank of Italy vault for safekeeping. The museum did not deny that the treasures had been taken to a bank vault but insisted the move was part of planned renovation work. Although it appeared to acknowledge the server had been taken down, it said that was necessary for the backup to be restored with no data lost. Despite the controversy, the Uffizi, generating around €60m in annual revenue, remains open to visitors, with ticketing and public areas largely unaffected.
Uffizi Galleries Confirms Cyber-Attack Amid Security Concerns
Uffizi Galleries Confirms Cyber-Attack Amid Security Concerns
The Uffizi Galleries in Florence, Italy, has admitted to a cyber-attack affecting its IT systems but insists that no valuable art or sensitive security measures were compromised. The attack raises alarms about the security of cultural institutions worldwide.
The Uffizi Galleries confirmed they were the target of a cyber-attack but emphasized that their famous artworks and security systems remained intact. The incident, which occurred between late January and early February, involved hackers allegedly accessing sensitive data, but the museum claims that no passwords were stolen and that security systems are closed off from external access.
