One of Italy’s most popular museums, Florence's Uffizi Galleries, which hosts masterpieces by Botticelli, Leonardo da Vinci, and Michelangelo, said on Friday that it was hit by a cyberattack earlier this year.

The Uffizi confirmed that a cyberattack took place on February 1st, but said that nothing had been damaged or stolen.

Hackers infiltrated the museum’s IT systems between the end of January and the beginning of February, the Italian newspaper Corriere della Sera reported, adding that its servers were emptied and the entire photographic department's archive was stolen.

The Uffizi responded that its server was intact because a backup existed. The museum acknowledged that the server was temporarily down, but explained that it was necessary to restore the backup, adding that no data has been lost in the process.

Corriere reported that threat actors accessed a treasure trove of data, including codes, passwords, alarm systems, internal maps, entrances, exits, and service routes. They also reportedly knew the locations of surveillance cameras and sensors.

The Uffizi disputed this, saying that there was "no evidence whatsoever that the hackers possessed any maps of the security systems" and that the replacement of its surveillance cameras had been recommended by the police in 2024 as part of a modernization plan.

It explained that anyone walking through a museum can see the location of security cameras since it’s a public place. The replacement works were accelerated after the Louvre Museum in Paris was raided in daylight, with thieves stealing jewels worth $102 million, the Uffizi added.

"The cameras had been in the process of being replaced for a year. The situation was not at all like the Louvre's. The Galleries did have cameras, but they were analogue and ⁠are ​now digital," the museum said.

The hackers also allegedly sent a ransom demand directly to the personal phone of the museum's director, Simone Verde, threatening to sell the data on the dark web if the museum doesn't pay up.

The museum transferred some valuable artefacts to a vault of the Bank of Italy and closed parts of the palace on February 3rd, but insisted that it did so as part of renovation work planned last autumn, according to the BBC.

Corriere added that emergency doors and exits had been sealed overnight with mortar and bricks, and employees were instructed not to speak about the incident.

The Uffizi claimed the move was also a part of the upgrade of its safety measures, as there had been no fire safety certification for decades. It said that other doors were sealed "to prevent excessive permeability of the historic building's spaces - structures dating back to the 1500s - considering their changed functions and the evolving international context".

The museum stated that no employees' phones had been compromised and no passwords were stolen: "No passwords were stolen - none whatsoever - because the security systems are entirely internal and closed circuit.”

The Uffizi, which welcomes over five million visitors annually, remains open, with its services largely unaffected.

---

Unlock more exclusive Cybernews content on YouTube.