Hackers at the Uffizi, the museum denies: 'No passwords stolen, closed-circuit systems'
Hackers at the Uffizi, the museum denies: 'No passwords stolen, closed-circuit systems'
In the early hours of February 1, 2026, a group of hackers breached the servers of the Gallerie degli Uffizi in Florence, one of the most important museum complexes in the world, which also includes Palazzo Pitti and the Boboli Gardens. The infiltration was not a sudden attack: according to reports, the cybercriminals had operated silently for weeks, exploiting a vulnerability in the low-resolution image management software published on the institutional website.
What was taken
From the servers, the entire archive of the photography cabinet, access codes, passwords, internal maps of the buildings, locations of surveillance cameras and sensors, service routes, and emergency exits were reportedly exfiltrated. Data that, in the wrong hands, would allow for an accurate reconstruction of the operational topography of the museum. The ransom demand arrived directly on the phone of director Simone Verde, with the threat to sell the stolen material on the dark web.
As an immediate precautionary measure, the management ordered the transfer of the most valuable pieces of the Grand Dukes' Treasure to the vault of the Bank of Italy and had some doors and emergency exits bricked up with lime and bricks. An entire wing of Palazzo Pitti was temporarily closed to the public. The investigations have been entrusted to the Public Prosecutor's Office, the Postal Police, and the National Cybersecurity Agency.
The museum's denial
Two months later, the Uffizi Galleries have now released an official statement from director Verde that partially denies the reconstruction: "No damage was done nor was any theft committed. No passwords were stolen. None at all, because the security systems are internal closed-circuit and not open to the outside." The museum also specifies that the replacement of cameras had already been underway for over a year, regardless of the attack, and that there is no evidence of the hackers possessing operational maps on security.
The talk returns to the cybersecurity of Italy's cultural heritage: just days before the attack on the Uffizi, a ransomware attack also affected the systems of the University La Sapienza in Rome. The picture that emerges is one of cultural infrastructures historically under-invested in IT, exposed to threats that just a few years ago seemed reserved for large industrial or financial groups.