Boboli Gardens and Palazzo Pitti: Italy’s Uffizi hit by cyberattack, jewels moved to Bank of Italy, Corriere reports

Cyberattack Targets Florence’s Uffizi Galleries, Prompting Emergency Security Measures

Florence’s Uffizi Galleries home to masterpieces like Botticelli’s Birth of Venus and Michelangelo’s Doni Tondo suffered a severe cyberattack in late January or early February 2024, according to a Corriere della Sera report. The breach compromised the museum’s administrative systems, including servers for the Uffizi, Palazzo Pitti, and the Boboli Gardens, with hackers allegedly stealing passwords, alarm codes, and internal maps.

The attackers reportedly emptied servers and issued a ransom demand directly to Uffizi Director Simone Verde’s personal phone. As a precaution, the museum transferred some of the Treasury of the Grand Dukes’ most valuable jewels housed in Palazzo Pitti, the former Medici residence to the Bank of Italy. Emergency exits were sealed, and the Treasury was closed to the public from February 3 for "extraordinary maintenance," though no further details were provided.

The breach also resulted in the theft of the photographic department’s entire digital archive, containing decades of images and documents. While the Uffizi, Italy’s second-most-visited museum with annual revenues of €60 million ($69 million), has not publicly commented, the incident follows recent high-profile art thefts, including a $102 million jewel heist at Paris’ Louvre and the March theft of Renoir, Cézanne, and Matisse paintings from a northern Italian museum. Authorities have not yet confirmed the attack or identified the perpetrators.

Source: https://www.reuters.com/world/italys-uffizi-hit-by-cyberattack-jewels-moved-bank-italy-corriere-reports-2026-04-03/

Centrica - Imagine more cybersecurity rating report: https://www.rankiteo.com/company/centrica-italy-

Fondazione Palazzo Strozzi cybersecurity rating report: https://www.rankiteo.com/company/palazzostrozzi

"id": "CENPAL1775206485",
"linkid": "centrica-italy-, palazzostrozzi",
"type": "Ransomware",
"date": "1/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Arts and Culture',
                        'location': 'Florence, Italy',
                        'name': 'Uffizi Galleries',
                        'size': 'Large (Italy’s second-most-visited museum)',
                        'type': 'Museum'},
                       {'industry': 'Arts and Culture',
                        'location': 'Florence, Italy',
                        'name': 'Palazzo Pitti',
                        'type': 'Museum'},
                       {'industry': 'Arts and Culture',
                        'location': 'Florence, Italy',
                        'name': 'Boboli Gardens',
                        'type': 'Museum/Garden'}],
 'customer_advisories': "Treasury closed to the public for 'extraordinary "
                        "maintenance'",
 'data_breach': {'data_exfiltration': 'Yes',
                 'file_types_exposed': ['Images', 'Documents'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Passwords',
                                              'Alarm codes',
                                              'Internal maps',
                                              'Digital archive of images and '
                                              'documents']},
 'date_detected': '2024-02-03',
 'date_publicly_disclosed': '2024-02',
 'description': 'Florence’s Uffizi Galleries, home to masterpieces like '
                'Botticelli’s *Birth of Venus* and Michelangelo’s *Doni '
                'Tondo*, suffered a severe cyberattack in late January or '
                'early February 2024. The breach compromised the museum’s '
                'administrative systems, including servers for the Uffizi, '
                'Palazzo Pitti, and the Boboli Gardens, with hackers allegedly '
                'stealing passwords, alarm codes, and internal maps. The '
                'attackers reportedly emptied servers and issued a ransom '
                'demand directly to Uffizi Director Simone Verde’s personal '
                'phone. The breach also resulted in the theft of the '
                'photographic department’s entire digital archive, containing '
                'decades of images and documents.',
 'impact': {'brand_reputation_impact': 'High',
            'data_compromised': 'Passwords, alarm codes, internal maps, '
                                'digital archive of images and documents',
            'operational_impact': 'Emergency exits sealed, Treasury of the '
                                  'Grand Dukes closed to the public, transfer '
                                  'of valuable jewels to Bank of Italy',
            'systems_affected': 'Administrative systems, servers for Uffizi, '
                                'Palazzo Pitti, and Boboli Gardens'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'ransomware': {'data_exfiltration': 'Yes', 'ransom_demanded': 'Yes'},
 'references': [{'source': 'Corriere della Sera'}],
 'response': {'communication_strategy': 'Limited public comment, closure '
                                        "attributed to 'extraordinary "
                                        "maintenance'",
              'containment_measures': 'Emergency exits sealed, Treasury closed '
                                      'to the public, transfer of valuable '
                                      'jewels to Bank of Italy'},
 'title': 'Cyberattack on Florence’s Uffizi Galleries',
 'type': 'Ransomware'}