Germany’s Dresden State Art Collections, one of Europe’s oldest museum networks, has been hit by a targeted cyberattack that disrupted large parts of its digital infrastructure, the state of Saxony’s culture ministry said this week.
The attack, discovered on Wednesday, has left the museum group with limited digital and phone services. Online ticket sales, visitor services, and the museum shop are currently unavailable, and payments at museum sites can only be made in cash. Tickets purchased online before the incident remain valid and can still be scanned on site.
Despite the disruption, the museums remain open to visitors. The culture ministry said security systems protecting the collections were not affected and that both physical and technical security remain fully intact.
The Dresden State Art Collections, known as SKD, said it is unclear when all affected systems will be fully restored. As of Friday, the institution was still operating under restrictions, with no new updates on the incident, local media reported, citing an SKD spokesperson.
Officials have not said who carried out the attack or what their motives may have been. It is also unclear whether the incident involved a ransom demand or whether any negotiations with the attackers are underway.
The Dresden State Art Collections oversee about 15 museums, housing works by artists such as Raphael and Rembrandt, as well as the famed Green Vault, one of Europe’s richest treasure chambers, known for its royal jewels and goldwork.
Cultural institutions have increasingly become targets for cybercriminals in recent years. In 2023, Canada’s national art museum spent weeks restoring systems after a ransomware attack, while in 2022 the Metropolitan Opera in New York suffered a cyberattack that disrupted ticketing and box office operations during the busy holiday season.
Major libraries have also drawn the attention of hackers, prompting U.S. officials to launch a program to help such institutions protect themselves from cyberattacks. In 2023, ransomware crippled the systems of the British Library, one of the world’s largest and the national library of the United Kingdom. In Canada, the Toronto Public Library spent months recovering from a ransomware attack, describing the incident as a “crime scene.”
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
