French Museums Hit by Ransomware Attack

A wave of cyber attacks have affected arts organizations over the past year.

Kazuki Iimura of Team Japan and Guillaume Bianchi of Team Italy compete during the Fencing Men's Foil Gold Medal match between Team Italy and Team Japan on day nine of the Olympic Games Paris 2024 at Grand Palais on August 04, 2024 in Paris, France. Photo: Ezra Shaw/ Getty Images.

The Grand Palais and other museums in its Réunion des Musées Nationaux (RMN) network, some of which are being used as venues for the Olympic Games in Paris, have been targeted by a ransomware attack.

The attack affected the RMN online shop boutiquesdemusees.fr, so did not interrupt any Olympic events taking place at the Grand Palais-RMN, which is hosting fencing and taekwondo competitions, or the Château de Versailles, which is in the same network and a venue for the modern pentathlon and equestrian sports.

The Grand Palais-RMN is a network of 34 public cultural institutions that report to France’s culture ministry. It includes museums the Louvre, Musée d’Orsay, Musée Picasso, all in Paris, as well as many regional museums, but none of these institutions have reported being affected. The Musée d’Orsay said its bookshop operates on an autonomous system.

The Grand Palais is a venue for various exhibitions and cultural events, including Art Basel Paris in October.

The attack on the network’s central data system was detected on Sunday and the Grand Palais-RMN has said in a statement that it is not aware of any data that was successfully extracted. It did not confirm whether any possible perpetrators have been identified by publication time but France’s national cybersecurity agency ANSSI has been helping to restore the network.

“No impact was observed on the operation of the Grand Palais,” it said in a statement. “Concerning the 36 bookstores of the national museums managed by Grand Palais-RMN, they are operating normally, autonomously and the museums and their bookstores remain open to the public under the usual conditions”

Ransomware attacks are a type of malware that encrypt the victim’s data, making it inaccessible until the attacker receives ransom. Reuters has quoted Franceinfo radio as claiming that the perpetrators have in this case demanded an unspecified ransom payment be made within 48 hours with the threat of leaking private financial data. According to the Associated Press, Paris’s prosecutor’s office has entrusted France’s Brigade for Combating Cybercrime with investigating the incident and identifying the perpetrators.

Cybersecurity has become a growing concern for arts organizations and businesses, with multiple hacking scandals occurring since the start of this year. In January it was reported that, Gallery Systems, a software used by many museums in the U.S., was attacked on December 28, causing I.T. outages that affected multiple online collections.

Christie’s auction house fell prey to hackers ahead of three major sales in New York in May. The ransomware group behind the attack, RansomHub, then put up confidential client data for auction online, including names, gender, passport numbers and expiry dates, and birthdates. The auction house is now the target of a class action suit alleging negligence, breach of implied contract, unjust enrichment, and violation of the New York deceptive trade practices act.

Article topics