Uffizi Galleries Faced Cyber-Attack, Maintains Security Intact

The Uffizi Galleries in Florence has confirmed they were subject to a cyber-attack - but denied that the security systems protecting its famous works had been compromised.

They stressed that nothing had been either damaged or stolen, after hackers were reported to have infiltrated the museum's IT systems and accessed sensitive security data.

Italian newspaper Corriere della Sera reported that hackers had infiltrated the museum's IT systems, allegedly extracting access codes, internal maps, and the locations of CCTV cameras and alarms, before issuing a ransom demand.

But the Uffizi Galleries contested this account, saying its security systems were inaccessible from the outside.

The attackers appeared to have moved through interconnected systems, computers, and phones, gradually piecing together a detailed picture of the museum's operations, Corriere reported.

A ransom demand was later sent to museum director Simone Verde's personal phone, the newspaper said, with a threat to sell the data on the dark web.

The Uffizi is home to some of Italy's most celebrated artworks, such as Botticelli's Birth of Venus and Primavera.

Corriere said the cyber-attack occurred between late January and early February, affecting not only the Uffizi but also its separate sites at Palazzo Pitti and the Boboli Gardens.

Ever since the Louvre museum in Paris was raided in broad daylight in October and priceless historic treasures stolen, all major museums have had to reassess their security.

The Uffizi said work to improve security had been accelerated both before and after the cyber-attack.

Its situation was nothing like the Louvre, it stressed, with analogue cameras replaced with digital ones, following recommendations made by the police in 2024.

Responding to claims that the hackers had found out the location of surveillance cameras and sensors, it said there was no evidence whatsoever that the hackers possessed any maps of the security systems.

No passwords were stolen - none whatsoever - because the security systems are entirely internal and closed-circuit, it said, adding that employees' phones had also not been compromised by the hack.

Two floors of the Palazzo Pitti normally house the Medici Treasure, so-called because the powerful Renaissance banking family spent their summers there, and it was claimed the hack had led to parts of the palace being closed since February 3, with valuable items temporarily transferred to a vault of the Bank of Italy for safekeeping.

The museum did not deny that the treasures had been taken to a bank vault but insisted the move was part of planned renovation work.

Some doors and emergency exits at the palace had been sealed with bricks and mortar, and staff instructed not to speak publicly about the incident, according to Corriere.

However, the Uffizi attributed the bricked-up doors in part to fire-safety measures.

Despite the controversy, the Uffizi remains open to visitors, with ticketing and public areas largely unaffected.