A group of hackers has hit a popular software used by major international museums. Since the cyberattack in December, several cultural organisations like the Rubin Museum of Art in New York and the Museum of Fine Arts in Boston are still struggling to access their online collections.  

On 28 December, the serious attack targeted Gallery Systems, a type of software museums use to digitally display collections and store sensitive information. This includes the names of donors, loan agreements, provenance records, and storage locations.  

Paige Francis, chief information officer at Crystal Bridges museum in Arkansas, which was also impacted by the hack, said that the organisation is “mostly concerned about the public’s inability to benefit from viewing our collection remotely during this disruption. The data of our customers and visitors has not been compromised. Access to our digital collection is the only impact.”  

Third-party cybersecurity experts were quickly called to retrieve lost information and investigate the ransomware hackers, who are known for holding online services hostage until victims pay a ransom. “The objects in museums are valuable, but the information about them is truly priceless,” explained Erin Thompson, a professor of art crime at John Jay College of Criminal Justice in New York. “Often, generations of curators will have worked to research and document an artifact. If this information is lost, the blow to our knowledge of the world would be immense.” 

Cyberattacks, like this recent one, are becoming more common for cultural institutions around the world. In October 2023, the British Library in London was hacked by the Rhysida ransomware group who demanded a ransom for the return of user data and employee details. Rhysida even released low-res images of British Library employees’ passports and opened an auction for an undisclosed set of documents at 20 bitcoin, equivalent to about £600,000. 

“The Library itself remains a crime scene, with a forensic investigation of our disrupted network still ongoing,” declared Roly Keating, the library’s chief executive, in December. “In parallel, our teams are examining and analysing the almost 600 gigabytes of leaked material that the attackers dumped online—difficult and complex work that is likely to take months.” 

This new challenge faced by museums is often exacerbated by budget constraints and limited resources. But even with the most robust security measures, hackers are infamous for finding ways to exploit the smallest vulnerability in software. 

“Society more widely, and all of us as individuals need to be alert to this fast-evolving threat,” warned Keating. “The people responsible for this cyber-attack stand against everything that libraries represent: openness, empowerment, and access to knowledge.”