Grand Palais Museum Faces Cyber Ransom Threat Amid Olympic Preparations

NAIROBI (CoinChapter.com)—Hackers targeted the Grand Palais Museum, a venue for the Paris Olympic Games, demanding a crypto ransom to prevent the leak of financial data.

The attack occurred on the night of Aug. 3 and affected 40 museums across France. The French cybersecurity agency ANSSI is investigating the incident.

Cyber Attack Hits Grand Palais Museum During Olympics

According to a press release issued by the Grand Palais, a “cyberattack” hit the venue on the night of Aug. 3 into the morning of Aug. 4. France’s cybersecurity agency, ANSSI, was notified immediately “to analyze the situation and restore our networks.”

Technical teams are fully mobilized to manage the incident, with support from the Ministry of Culture.

No data extraction has been detected, and museum operations continue without disruption. The French Anti-Cybercrime Brigade (BL2C) is investigating organized extortion and criminal association. The hackers have given a 48-hour ultimatum for the ransom payment.

Although the attack impacted the Grand Palais Museum, it did not affect other museums under the RMN’s management, including the Louvre. Louvre’s director, Matthias Grolier, disputed claims on X that the attack reached other museums.

Meanwhile, the Grand Palais Rmn has implemented measures to keep its bookstores and boutiques operating normally.

French Museums Held Hostage for Crypto

The Grand Palais Rmn confirmed that its managed museums continue to function normally, and Olympic events proceeded without issues.

In response to the attack, Grand Palais Rmn informed ANSSI, the National Commission on Informatics and Liberty (CNIL), and the Ministry of Culture. Preliminary investigations have not detected any data exfiltration from compromised systems. However, threat actors allegedly left a ransom note demanding cryptocurrency payment or threatened to leak stolen data.

Prime Minister Gabriel Attal recently announced the foiling of nearly 70 cyberattacks related to the Olympics. This attack adds to the challenges of protecting digital infrastructures during the Games.

Je vais être désagréable un moment : ce cas est une énième illustration de communication de #crise ratée :
1⃣ l'info est révélée par la presse.
2⃣ elle est confirmée par une dépêche AFP floue et imprecise reprise partout…
3⃣ … https://t.co/20Ifn7bwwS

— Valéry Rieß-Marchive | @valerymarchive.bsky.social (@ValeryMarchive) August 6, 2024

According to Valery Marchive, editor-in-chief of LeMagIT, the attack was caused by a hijacked account of a Grand Palais Rmn collaborator. Info-stealer malware had stolen the collaborator’s credentials, allowing the attackers access.

No ransomware groups have claimed responsibility, leaving the identities of the threat actors unknown.