The Uffizi Gallery in Florence successfully maintained public operations and visitor services after a weekend cyberattack targeted its internal administrative servers and staff email systems. While back-office functions faced disruption, the museum remained open to the public as ticketing and security systems were unaffected by the malware.

A cyberattack discovered between January 31 and February 1 forced the Uffizi Gallery to shut down its internal administrative network and suspend staff email accounts to contain the intrusion. Despite the technical failure in the back office, the museum's public-facing infrastructure, including its website, surveillance, and ticketing systems, remained fully operational. Technicians immediately launched recovery procedures, instructing employees to keep computers powered off while forensic investigators from Italy’s postal police began analyzing the breach.

The incident highlights a persistent trend of cyber threats targeting major European cultural and academic institutions, often through phishing or software vulnerabilities. Investigators are currently looking for potential links between the Uffizi breach and a simultaneous attack on Sapienza University of Rome. While administrative tasks like human resources and procurement have slowed down, there is currently no evidence that the museum’s digital collections or sensitive visitor data were compromised during the event.

To mitigate the impact, the museum has relied on secure backups to restore affected services while teams verify the integrity of the data. Staff have been directed to change credentials and avoid remote connections until the IT department provides a full clearance. Although internal scheduling and communications remain hampered, the museum’s priority has been to ensure that the disruption does not spill over into the galleries or affect the experience of the millions of people who visit annually.

The Uffizi remains open during its standard hours, with all guided tours, audio guides, and ticket desks functioning as usual. The gallery, which houses world-renowned masterpieces by Botticelli and Da Vinci, continues to welcome visitors while the technical staff works behind the scenes to bring administrative systems back online. This resilience underscores the museum's strategy of isolating its public services from its internal corporate network to prevent a total operational shutdown during a security event.

Moving forward, the recovery process is expected to lead to a comprehensive review of the institution's digital defenses and potential investments in more robust cybersecurity infrastructure. Experts suggest that such incidents serve as a critical reminder for cultural landmarks to prioritize network segmentation and multi-factor authentication. For now, the Uffizi continues its mission of displaying historic art while authorities work to identify the source of the attack and secure the administrative offices for the long term.

Source: Hacker Attack Disrupts Systems at Florence’s Uffizi Museum