Cybercrime: The blind spot in museum security

At the Musée du Louvre in Paris, February 25, 2026. THOMAS PADILLA/AP

Masked and armed burglars no longer have the monopoly on criminal intrusions in French museums. On Monday, March 2, a cyberattack with serious consequences struck Vivaticket, the online ticketing platform used by dozens of French national cultural sites. The immediate results were operational paralysis and a major risk of personal data leaks.

The pattern behind these cyberattacks is by now well known. A hacker enters the IT system and blocks the servers hosting the operator's client data. The operator can no longer access the data without a code provided by the hacker, who demands a ransom in exchange.

The consequences for the cultural sector were significant, as Vivaticket is the leading platform for tourism ticketing. The Musée du Louvre, the Musée d'Orsay, the Musée du quai Branly, Notre-Dame de Paris, the Arc de Triomphe, the Eiffel Tower, the Musée Guimet in Paris, Parc Astérix in Oise, the Louvre-Lens in Pas-de-Calais, and several museums in Lyon – just to name a few – lost access to secure online ticketing. The Louvre-Lens's online ticketing, for example, remains unavailable to this day. "Temporary solutions are being considered, including through partner tourism platforms, to quickly restore an alternative online ticketing service," staff on site explained.

Cybercrime: The blind spot in museum security

Related reading

Louvre heist puts French museums on high alert

Louvre Heist Sparks Security Scramble Across French Museums

French museums security under scrutiny in the Sénat after Louvre heist

Paris police admits to gaps in Louvre security system after high-profile heist

Louvre heist: French culture minister says museum's security system worked…

Louvre ticket fraud ring dismantled, police says