As reported by the publication The Liberation
The morning of October 19 brought the Louvre not only the theft of valuables worth 88 million euros, but also serious findings about vulnerabilities in its security systems that had persisted since 2014 – from outdated software to weak passwords. The publication was published by an outlet that covers cybersecurity and internal audits in museums.
Security audits and procurement documents obtained by journalists indicate that the Louvre’s IT systems had large vulnerabilities for years, and museum management did not commit to fixing them in a timely manner.
In December 2014, three cybersecurity specialists audited the museum at the request of the National Agency for Information Security. The conclusions of the confidential audit confirmed numerous defects: among them an extreme weakness of passwords – for example, “LUVR” to access cameras or “THALES” to log into a program released by the company “Thales”.
Additionally, the Louvre’s office networks were running on outdated software – notably Windows 2000. ANSSI experts urged the museum management to take appropriate measures to minimize risk.
One of the problems was an extremely weak password: for example, “LUVR” to access the cameras or “THALES” to log into a program released by the company “Thales”.
In October 2015, a new audit was commissioned, which was completed in 2017: the documents again recorded serious deficiencies similar to the previous ones. The conclusions called for improvements in security management, staff training, visitor-control procedures, as well as the video surveillance and rooftop security systems. They emphasized updating outdated software and more frequent password changes. At the same time, it was not possible to learn what specific measures the Louvre had taken to reduce risks, as the museum’s leadership refused to comment.
What is known about the robbery and its consequences
In the morning of October 19, through the façade of the building facing the Seine, nine valuables from Napoleon’s collection disappeared. According to sources, the culprits gained entry to the building using a freight elevator, obtaining direct access to the Apollo Gallery.
Two robbers shattered display cases in the Napoleon and French Sovereigns galleries and stole nine items from the imperial collection. The total value of the stolen items amounts to 88 million euros.
Three days after the incident – on October 22 – the Louvre resumed operations. Immediately after the robbery, calls emerged for the resignation of the head of the museum’s security service, Dominique Buffen, due to security gaps.
The security situation at the Louvre continues to raise concerns: experts and assessments emphasize the need to modernize security systems, update technical solutions, and strengthen staff training to prevent similar incidents in the future.
You might be interested in:
- Five new suspects arrested in Paris for the Louvre crown jewels theft; investigation ongoing with no recovered items yet.
- Nine historical jewels from Napoleon’s collection were stolen from the Louvre on October 19, with suspects identified as local amateurs rather than professional criminals.
- US Homeland Security Secretary Kristi Noem fired nearly 20 FEMA IT specialists over security protocol violations, exposing serious cybersecurity vulnerabilities but no data breach.
