Italy’s Uffizi Galleries Confirm Cyber-Attack, But Reject Security Breach Claims

Florence’s Uffizi Galleries announced they had suffered a cyber-attack, though they maintained that their security infrastructure remained intact. The museum emphasized that no artworks were damaged, and no data was stolen, despite reports of hackers breaching their IT systems and accessing confidential information.

According to Italian newspaper Corriere della Sera, the breach involved intruders extracting sensitive details like access codes, internal layouts, and the placement of CCTV cameras and alarms. A ransom demand was subsequently sent to museum director Simone Verde’s personal phone, threatening to expose the data on the dark web. However, the Uffizi disputed this narrative, asserting that external access to its security systems was impossible.

The attack occurred between late January and early February, affecting not only the Uffizi but also its affiliated sites at Palazzo Pitti and the Boboli Gardens. This follows the October incident at Paris’s Louvre, where thieves stole priceless artifacts using a compromised CCTV system. Since then, all major museums have reviewed their security protocols.

Security Measures and Internal Systems

Uffizi officials highlighted that their security systems are entirely internal and closed-circuit, with no connection to external networks. They claimed that the hackers could not have obtained passwords, as the system is designed to prevent such vulnerabilities. Additionally, employees’ phones were not breached during the incident.

“No passwords were stolen – none whatsoever – because the security systems are entirely internal and closed-circuit,”

The museum also addressed claims that surveillance locations were revealed to attackers. It stated that anyone entering the premises could see where cameras were positioned, as these are standard in public spaces. This, they argued, did not constitute a security failure.

Impact on Museum Operations

Two floors of Palazzo Pitti, which normally house the Medici Treasure, were closed since February 3. Valuable items were temporarily moved to a Bank of Italy vault for safekeeping. While the Uffizi did not dispute the relocation, they insisted it was part of scheduled renovations rather than a direct consequence of the cyber-attack.

Some doors and exits were sealed with bricks and mortar, as reported by Corriere della Sera. The museum attributed this to fire-safety improvements, noting that decades of operations lacked certification. Recently, they submitted a safety notice to the fire brigade, addressing the issue.

Other door closures were explained as efforts to control the flow of visitors in historic spaces dating back to the 1500s. These adjustments, the Uffizi said, were made to adapt to modern usage and evolving security challenges.

Backup Systems and Data Integrity

Concerns about the digital photographic archive were raised, but the museum assured that its server was unaffected. They acknowledged a temporary shutdown was required to restore backups, which were successfully completed without data loss.

“No passwords were stolen – none whatsoever – because the security systems are entirely internal and closed-circuit,”

Despite the controversy, the Uffizi remains open to the public. Ticketing processes and visitor areas continue to function normally, with annual revenue reaching approximately €60 million. The museum’s position is that its security systems are robust and comparable to those of the Louvre, though they stress their setup is distinct.