{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreieijezggl4ootkdy4i5y75omjxvqcd7l7yjidxivo3swc322svvve",
"uri": "at://did:plc:ogzu4zgl3zr5ufw3l7yu64cq/app.bsky.feed.post/3mejgdbim7ay2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreigq5ookqviivc7tqasi6uyzbg24d2dtjbvortkqovg2gvthnv4qv4"
},
"mimeType": "image/jpeg",
"size": 82028
},
"path": "/news/hacker-attack-hits-uffizi-museum.html",
"publishedAt": "2026-02-09T12:59:40.000Z",
"site": "https://www.wantedinrome.com",
"tags": [
"News",
"Florence local English news"
],
"textContent": "Administrative Systems Targeted While Visitor Services Continue as NormalA weekend cyberattack on the Uffizi Gallery in Florence disrupted administrative servers and staff email systems but left ticketing, surveillance and visitor services operational, allowing the museum to remain open to the public.\nBetween Saturday, Jan. 31, and Sunday, Feb. 1, technicians at the Uffizi detected malware on internal back-office systems, forcing the shutdown of staff computers and the temporary suspension of work email accounts.\nAccording to information from the local press, the intrusion affected administrative functions only. Visitor reception, ticketing, the museum’s main website and video surveillance systems were reportedly untouched, and the Uffizi opened on its normal schedule.\nA formal complaint has been filed with Italy’s postal police, and forensic analysis is underway.\nThe attack highlights a growing cybersecurity risk for major cultural and academic institutions. In recent years, museums and universities across Europe and North America have faced ransomware attacks and data theft attempts, often exploiting outdated software, weak network segmentation and staff phishing, according to the Sophos State of Ransomware Education 2025 report.\nThe timing of the Uffizi breach coincided with a separate cyberattack at Sapienza University of Rome, prompting investigators to examine whether the two incidents are connected, according to local media reports.\nMuseum technicians activated containment and recovery procedures. Staff were instructed not to power on computers until cleared by IT personnel, to avoid remote connections to museum systems and to change email passwords as soon as possible.\nBackups were brought online as teams began verifying the extent of the attack and restoring affected services. Museum spokespeople have not released technical details.\nThere are no reports of compromised digital collections or damage to public-facing systems, according to local press. Nevertheless, the disruption has slowed a number of internal activities. Human resources, procurement, internal communications and some administrative scheduling have been affected as staff work around the intrusion.\nOfficials caution that full administrative recovery could take several days as backups are reviewed and data integrity is confirmed.\nThe Uffizi’s priority during the incident was preserving visitor safety and maintaining front-of-house operations. Ticket desks and online ticketing continued to function, guided tours proceeded as planned and surveillance systems remained active, allowing the gallery to maintain normal opening hours (Tuesday to Sunday, 8:15 a.m. to 6:30 p.m., closed Mondays).\nStandard ticket prices for the main collection remained unchanged, and audio guides and visitor information services continued to be available.\nItaly’s postal police, which handles cybercrime, has been notified and is coordinating investigative efforts with the museum’s IT staff. Authorities aim to trace the point of entry, determine whether sensitive administrative data was accessed and assess whether the attack exploited known vulnerabilities in the museum’s systems.\nIf links to the Sapienza University incident are established, investigators will examine whether similar tactics were used, such as phishing, credential stuffing or shared software vulnerabilities.\nThe incident underscores the growing vulnerability of cultural institutions that combine historic heritage with increasingly complex digital operations.\nThe Uffizi, a mid-16th-century Vasari palace built for the Medici family, houses masterpieces including Botticelli’s The Birth of Venus, Leonardo’s Annunciation, and works by Michelangelo and Caravaggio. The museum draws millions of visitors each year and relies heavily on digital systems for ticketing, collections management and communications.\nRecent incidents at other museums and universities have shown how administrative outages can disrupt operations even when galleries remain physically open to the public.\nExperts cited by Times Higher Education note that preventive measures such as regular software patching, stronger network segmentation, off-site encrypted backups, multi-factor authentication for staff accounts and ongoing cybersecurity training can significantly reduce the risk of attacks.\nThe Uffizi’s recovery process is expected to include a review of existing security measures and may prompt broader investment in IT protection across Italy’s cultural institutions, as has occurred following similar incidents in the past.\nFor visitors, the museum remains open and main services are functioning. For administrators and policymakers, the breach serves as a reminder that protecting priceless artworks today requires digital resilience as much as physical security.\nInvestigations and restoration work are expected to continue in the coming days. Museum authorities have indicated they will provide updates as systems are gradually brought back online.\nPh: Mlle Sonyah / Shutterstock.com",
"title": "Hacker Attack hits Uffizi Museum"
}