The Louvre museum at one point had its own name as one of the passwords to its video surveillance system, French newspaper Libération first reported.
The iconic Paris museum in October was the scene of a heist where thieves stole several valuable Napoleonic jewels. The French National Cybersecurity Agency (ANSSI) audited the Louvre’s security system back in 2014, when it found that the password to the server overseeing the museum’s video surveillance system was simply “LOUVRE,” and warned that the same server could be exploited to commit a robbery if accessed by the wrong person, Libération reported.
In addition to the eponymous password to the video surveillance, the museum’s password to access a security program published by French cybersecurity company Thales Group was “THALES” at the time of the audit, according to Libération.
“An attacker who manages to take control of this network would be able to facilitate damage or even theft of artworks,” stated ANSSI in its 2014 audit report, obtained by Libération, originally in French.
“The applications and systems deployed on the security network present numerous vulnerabilities,” the audit report added. “From this access point, it is then possible to compromise the security network … to damage the video surveillance system by compromising outdated servers … to modify the access rights granted to a badge by compromising the database used by the badge access control system,” the audit report added.
The Louvre had also used the then-14-year-old operating system Windows 2000 for its office network at the time of the 2014 audit, Libération reported. ANSSI called the system “obsolete” and urged the museum to change its passwords so they were more complex than “LOUVRE” and “THALES.”
It is unclear whether the passwords had been changed following the audit, and, if so, what they had been changed to.
Another audit was conducted on the Louvre’s security system in 2017, this time by another French government agency, according to Libération. The audit found, similarly to the one conducted by ANSSI three years earlier, “serious shortcomings” in the “overall system.” The 2017 audit report warned that while the Louvre “has thus far been relatively spared, it can no longer ignore the potential threat of an attack with potentially dramatic consequences.”
According to Microsoft support, a “strong” password must have a minimum of 12 characters but preferably over 14, and contain a mix of capital and lowercase letters as well as numbers and symbols. To qualify as “strong,” a password must also not be the “name of a person, character, product, or organization,” and instead be “difficult for others to guess,” per Microsoft.
Four thieves dressed as construction workers broke into the Louvre’s Apollo Gallery on Oct. 18 using a cherry picker and stole several pieces of French Crown Jewels totaling about $100 million in value. French police arrested two of the suspects on Oct. 25 — one at the airport as he was reportedly about to flee to Algeria. Four days later, five more people were arrested in connection with the heist, but three were released without receiving charges.
A total of four suspects have been charged as of Monday. Paris prosecutor Laure Beccuau said these suspects — three male and one female — are petty criminals living in the suburbs of Paris and not known to be linked to organized crime.
Authorities have yet to recover any of the eight jewels successfully stolen in the heist.
The Louvre is currently the home of many iconic and timeless masterpieces such as Leonardo da Vinci’s Mona Lisa, the Venus de Milo, and the nearly four-millennia-old Code of Hammurabi.
The Louvre, ANSSI, and the French Ministry of the Interior did not immediately respond to the Daily Caller News Foundation’s request for comment.
All republished articles must include our logo, our reporter’s byline, and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.
DONATE TO BIZPAC REVIEW
Please help us! If you are fed up with letting radical big tech execs, phony fact-checkers, tyrannical liberals and a lying mainstream media have unprecedented power over your news please consider making a donation to BPR to help us fight them. Now is the time. Truth has never been more critical!
- Exclusive: Sanctuary state allows illegal immigrant to walk after fatal truck crash despite Fed’s request - December 17, 2025
- Conservative student leader Ella Cook revealed as one of deaths in Brown shooting - December 15, 2025
- ‘Wear sunscreen’: Lee Zeldin reveals he beat skin cancer - December 15, 2025
Comment
We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. Thank you for partnering with us to maintain fruitful conversation.
BPR INSIDER COMMENTS
Scroll down for non-member comments or join our insider conversations by becoming a member. We'd love to have you!
