The Uffizi Cyberattack: A Concern for European Museums
A cyberattack on one of Italy’s greatest cultural institutions reveals a sector that has mastered physical security and ignored the digital kind.
On 1 February 2026, staff at the Uffizi Galleries in Florence arrived to find their email accounts suspended, internal servers unreachable, and the administrative backbone of the renowned museum compromised. The malware entered through an unguarded vulnerability in software managing low-resolution images on the museum’s website—a seemingly insignificant entry point that went unnoticed.
Within hours, the attackers had moved laterally across the network, affecting the Uffizi, Palazzo Pitti, and Boboli Gardens, compromising the photographic archive server, and even sending a ransom demand directly to the director, Simone Verde, via his personal phone.
The Uffizi’s official response emphasized that nothing was stolen and no security systems were breached, contrasting the attack with the Louvre incident. On 19 October 2025, thieves posing as construction workers had stolen approximately €88 million worth of French Crown Jewels from the Louvre, exploiting inadequate physical security measures, including a poorly guarded window and a surveillance system whose password was simply “Louvre.”
The Discrepancy: The Uffizi attack was digital rather than physical, which highlights a different kind of vulnerability, and the gap between what has been reported and what has been acknowledged remains wide. The Italian daily Corriere della Sera described a prolonged intrusion that granted attackers access to the entire museum network, whereas the Uffizi’s official statement focused on the restoration from backups as the sole operational disruption.
This incident underscores a critical reality: museums have invested heavily in physical protection but have largely overlooked digital security, which leaves them susceptible to invisible, infinite threats with potentially long-lasting consequences.