A reported cyberattack on Florence’s Gallerie degli Uffizi has triggered concern, political scrutiny and a sharp response from the museum’s management after conflicting accounts emerged on the scale and consequences of the breach.
The case came to public attention through a report published by Corriere della Sera, which described a prolonged intrusion into the museum network and a series of emergency security measures affecting parts of Palazzo Pitti. The Uffizi administration has since denied key elements of that account, stating that no data was stolen and no security systems were compromised.
What the initial reports said
According to the newspaper report, hackers accessed the Uffizi’s IT systems through a vulnerability linked to software managing low-resolution images on the museum’s website. The intrusion would have begun months earlier, allowing attackers to move gradually through internal systems.
The alleged breach was described as extensive. Reports claimed that the attackers accessed technical offices and obtained sensitive material, including internal maps, alarm systems, access routes and surveillance layouts across the museum complex, which also includes the Boboli Gardens.
The same account suggested that a ransom demand had been sent directly to the museum’s director, Simone Verde, with threats to sell the data on the dark web if payment was not made.
As a precaution, the article reported, part of Palazzo Pitti had been closed indefinitely, valuable objects from the Medici Treasury moved to a vault at the Banca d’Italia, and some internal doors and exits physically sealed.
Investigation and legal action
Florence prosecutors had already opened an investigation in early February into alleged unauthorised access to computer systems and attempted extortion. The case is being handled by the postal police in coordination with Italy’s national cybersecurity agency.
The reported timeline indicates that the most visible disruption occurred between late January and early February, when administrative services were temporarily blocked.
Political reaction and calls for clarity
The case quickly reached the national political level. Members of the Democratic Party (PD) submitted a parliamentary question asking the Minister of Culture, Alessandro Giuli, to clarify what happened and outline government investment in cultural cybersecurity.
Local authorities also reacted. Florence mayor Sara Funaro said the episode highlights the need for stronger digital security measures in cultural institutions and expressed support for the museum’s leadership.
Trade unions raised additional concerns, focusing on staff safety. Representatives warned that physical security measures such as closing doors must not interfere with emergency evacuation routes inside historic buildings.
The Uffizi’s rebuttal
In an official statement issued after the media coverage, the Uffizi administration rejected the most serious claims.
The museum said there had been no theft of data, no loss of information and no evidence that hackers obtained security maps or passwords. It also stated that its security systems operate on closed internal networks, not accessible from outside.
According to the same statement, the photographic archive remains intact thanks to a complete backup, and the temporary disruption earlier in the year was due to restoring systems rather than a destructive attack.
The museum also provided alternative explanations for some of the reported emergency measures. The transfer of Medici Treasury objects, it said, had already been planned as part of renovation works launched months earlier. Structural changes, including some wall closures, were linked to fire safety requirements and broader adjustments in historic buildings.
On surveillance systems, the Uffizi noted that cameras were already being upgraded from analogue to digital as part of an ongoing process initiated in 2024.
A case still evolving
The contrasting versions leave several points unresolved, particularly regarding the extent of the intrusion and whether any sensitive information may have been accessed during the breach.
While investigations continue, the case has highlighted the growing importance of cybersecurity for major cultural institutions, especially those managing complex historic sites open to millions of visitors each year.
❤️ Support Florence Daily News
If you liked this article, please consider supporting Florence Daily News.
We are an independent news site, free from paywalls and intrusive ads, committed to providing clear and reliable reporting on Florence and Tuscany for everyone.
Your support — whether a one-time gift or a regular contribution — helps us stay independent and keep telling the stories that matter.
Donate securely via Stripe below.
Make a one-time donation
Make a monthly donation
Make a yearly donation
Choose an amount
Or enter a custom amount
Your contribution is appreciated.
Your contribution is appreciated.
Your contribution is appreciated.
DonateDonate monthlyDonate yearlyDiscover more from Florence Daily News
Subscribe to get the latest posts sent to your email.