A $102 million Louvre crown heist has exposed shocking cybersecurity failures, including systems protected by the password “Louvre” for over a decade.
PARIS: A robbery at the Louvre Museum that saw thieves steal a crown worth $102 million has turned from a dramatic heist into a cybersecurity scandal. French newspaper Libération revealed this week that the museum had been repeatedly warned about serious IT vulnerabilities — including surveillance systems secured by the password “Louvre.”
The incident, which took place on October 18, initially stunned the public with its high-visibility confusion. The thieves, dressed in reflective vests, fumbled their escape, even dropping one of the stolen crowns and failing to set their escape elevator on fire.
However, the real issue now lies in what many experts call a preventable failure. According to reports, French cybersecurity experts were able to breach the Louvre’s internal systems as far back as 2014, simply by guessing basic passwords and exploiting outdated protocols. Despite numerous internal audits and warnings over the years, little was done to update the museum’s digital defences.
The breach highlights long-standing problems in protecting cultural heritage institutions against modern threats. Critics say the museum’s over-reliance on legacy systems and poor password policies reflect broader issues in public cybersecurity standards.
No suspects have yet been arrested, but authorities are investigating internal documents and system logs. The Louvre has not issued a full statement but has acknowledged that an internal audit has been launched.
For now, the theft — and the weak digital security behind it — serves as a cautionary tale for global institutions tasked with guarding priceless treasures in a digital age.
