Florence’s Uffizi Galleries have confirmed they were the target of a cyber-attack earlier this year. However, the museum is pushing back hard against reports that its world-famous art collection was ever at risk.
The attack, which the Uffizi says took place on 1 February, also affected its sister sites at Palazzo Pitti and the Boboli Gardens. According to Italian newspaper Corriere della Sera, hackers infiltrated the museum’s IT systems and gradually worked their way through interconnected computers and phones, piecing together a detailed picture of the gallery’s internal operations. They allegedly extracted access codes, internal maps, and the locations of CCTV cameras and alarms.
A ransom demand was subsequently sent to museum director Simone Verde’s personal phone, with a threat to sell the stolen data on the dark web.
The Uffizi says its art was never in danger
The museum has been at pains to stress that none of its artworks, which include Botticelli’s Birth of Venus, were damaged, stolen or put at risk.
“No passwords were stolen, none whatsoever, because the security systems are entirely internal and closed-circuit,” the Uffizi stated. The museum added that employees’ phones had also not been compromised.
On the question of hackers accessing camera locations, the museum was characteristically dry; anyone walking through its galleries could see where the cameras were, as is the case in any public space.
It also denied that its entire digital photographic archive had been stolen, saying a back-up was in place and that all data had since been fully restored.
Palazzo Pitti
The most eyebrow-raising details in Corriere‘s reporting centred on Palazzo Pitti, the Renaissance palace that served as the Medici family’s summer residence and now houses the so-called “Medici Treasure.” The newspaper claimed that parts of the palace had been closed since 3 February and that valuable items had been temporarily moved to a vault at the Bank of Italy for safekeeping.
The Uffizi did not deny the transfer to a bank vault, but insisted it was part of planned renovation work, not a response to the hack.
Corriere also reported that some doors and emergency exits had been sealed with bricks and mortar, and that staff had been told not to speak publicly about the incident. The museum offered a different explanation: it had only just submitted a fire safety notice to the local fire brigade after years without certification, and some doorways were sealed as part of those long-overdue measures.
The Shadow of the Louvre
The timing is awkward for European museums generally. The attack comes in the wake of last October’s audacious daylight raid on the Louvre in Paris, in which a masked gang exploited the museum’s ageing CCTV infrastructure to steal priceless historic artefacts.
In Italy, only last week thieves made off with three Impressionist paintings in three minutes. The raid on the Magnani Rocca Foundation near Parma, was “structured and organised” the Carabinieri stated.
The Uffizi was keen to distance itself from any comparison, saying its situation was “nothing like the Louvre.” Security upgrades had already been under way before the cyber-attack, it said, including the replacement of analogue cameras with digital ones following police recommendations made in 2024. That work has since been accelerated.
