- Louvre criticized for running outdated software and using weak passwords
- 2017 report warned of imminent serious attack
- Less than half of the rooms are covered by cameras.
The recent major jewel heist at the Louvre, where thieves disguised as construction workers stole eight pieces of the Crown Jewel worth an estimated €88 million ($101 million), might not have been so shocking after all.
New reports revealed some shocking security shortcomings at the iconic museum, including poor passwords and below-par IT protections.
This includes the fact that the password to the Louvre’s surveillance server is believed to have been the highly unimaginative “LOUVRE”, and that’s just the beginning, as investigations into the breach reveal other cybersecurity missteps.
The Louvre heist was destined to happen anyway, one way or another.
A 2017 audit had already warned that the threat of a serious attack could no longer be ignored.
Following the heist, France’s National Cybersecurity Agency (ANSSI) discovered that the museum’s office network was still running outdated systems, such as Windows 2000 and Windows Server 2003, without sufficient antivirus protection.
Although it is unclear whether weak passwords or outdated systems still existed during the October 2025 heist, a 2014 report highlighted by a French newspaper Release (through cyber news) confirmed that the surveillance network was protected by “LOUVRE” as a password.
The museum’s director, Laurence des Cars, at least admitted that the thieves were able to gain access because the “weak” CCTV perimeter failed to detect them early enough.
The report, leaked to the media a day after the heist, noted that only 39% of the Louvre’s rooms had cameras last year and that the installation of more cameras had been delayed (via The times).
French Culture Minister Rachida Dati says the Louvre’s security systems did not fail. Dati has since drawn up plans to create a new security department.
Additionally, the report details French President Emanuel Macron’s plans to fund a separate room for the Mona Lisa through surcharges for British and other non-EU visitors, according to The times information.
So far, four suspects are detained, but the jewelry has not been found.
