The **Muséum national d'Histoire naturelle (MNHN)** in Paris suffered a **massive ransomware attack** in late July 2025, crippling its internal network and disrupting critical operations. The attack forced the cancellation of the high-profile *Tropical Autumn: Palms, Treasures and Secrets* exhibition, a major seasonal event expected to draw significant public interest. Beyond cultural losses, the breach paralyzed research activities—600 scientists faced delays, with some losing **€30,000–50,000 in unspendable research funds** due to inaccessible systems. Digital tools for libraries, collections, and expertise were rendered unusable, halting parts of **French natural science research**. While public-facing sites (galleries, zoos, gardens) remained open, digitally dependent services (e.g., themed tours) were suspended. The institution filed a complaint, refusing ransom payments, and prioritized system restoration. The attack underscores the growing vulnerability of cultural institutions to cyber threats, with **40 French museums targeted similarly in the past year**. Recovery efforts focus on securing infrastructure, but the financial, operational, and reputational damage persists.
TPRM report: https://www.rankiteo.com/company/museum-national-d'histoire-naturelle
"id": "mus4335743091925",
"linkid": "museum-national-d'histoire-naturelle",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': ['Botany enthusiasts (exhibition '
'attendees)',
'Researchers (600 scientists)',
'General public (limited access '
'to digital services)'],
'industry': 'Natural history, research, education, and '
'cultural heritage',
'location': '57 rue Cuvier, 5th arrondissement, Paris, '
'France',
'name': "Muséum national d'Histoire naturelle (MNHN)",
'type': 'Cultural and scientific institution'}],
'customer_advisories': ["Cancellation of 'Tropical Autumn' exhibition "
'announced; no new dates provided',
'Galleries, zoos, and gardens remain open; some '
'themed tours suspended'],
'data_breach': {'data_exfiltration': 'Possible (unconfirmed)',
'personally_identifiable_information': 'None (confirmed)',
'type_of_data_compromised': 'Unspecified (possible '
'exfiltration; no public data '
'confirmed)'},
'date_detected': 'Late July 2025',
'date_publicly_disclosed': 'Late July 2025 (exact date unspecified)',
'description': 'A massive ransomware attack in late July 2025 paralyzed the '
"Muséum national d'Histoire naturelle (MNHN) in Paris, "
'disrupting its digital infrastructure, research activities, '
"and forcing the cancellation of the 'Tropical Autumn: Palms, "
"Treasures and Secrets' exhibition. The attack affected "
'internal networks, research funding, and digital tools '
"critical to the institution's operations. No public data was "
'compromised, but the institution refused to pay the ransom. A '
'crisis unit was established to restore services and enhance '
'cybersecurity.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'cancellation of high-profile '
'exhibition and operational disruptions',
'data_compromised': 'Possible data exfiltration (no public data '
'confirmed compromised)',
'downtime': 'Ongoing since late July 2025 (as of report date)',
'identity_theft_risk': 'None (no public data compromised)',
'operational_impact': ["Cancellation of 'Tropical Autumn: Palms, "
"Treasures and Secrets' exhibition (October "
'16–November 24, 2025)',
'Disruption of research activities for 600 '
'scientists',
'Loss of €30,000–€50,000 in research '
'funding per team (unspendable due to '
'system inaccessibility)',
'Suspension of themed tours dependent on '
'digital applications'],
'payment_information_risk': 'None',
'systems_affected': ['Internal computer network',
'Digital tools for operations',
'Research control systems',
'Online tools for research, expertise, '
'libraries, and collection consultation',
'Digital applications for themed tours']},
'investigation_status': "Ongoing (handled by Paris public prosecutor's "
'cybercrime section)',
'post_incident_analysis': {'corrective_actions': ['Enhancement of digital '
'security measures']},
'ransomware': {'data_encryption': 'Yes (partial paralysis of internal '
'network)',
'data_exfiltration': 'Possible (unconfirmed)',
'ransom_paid': 'No (policy of French State and public '
'administrations)'},
'references': [{'source': 'Article describing the cyberattack on MNHN'}],
'regulatory_compliance': {'legal_actions': 'Complaint filed with Paris public '
"prosecutor's office"},
'response': {'incident_response_plan_activated': 'Yes (crisis unit '
'established)',
'law_enforcement_notified': 'Yes (complaint filed with Paris '
"public prosecutor's office; "
'investigation handled by '
'specialized cybercrime section)',
'remediation_measures': ['Gradual restoration of services',
'Reinforcement of digital security']},
'title': "Massive Ransomware Attack on Muséum national d'Histoire naturelle "
'(MNHN)',
'type': 'Ransomware attack'}