The British Museum is once again “running as normal” and all galleries have reopened following a recent alleged attack on the institutions IT systems by a former employee, a spokesperson has confirmed.
The museum says that a recently dismissed contractor was was able to get back into the building and shut down several systems, including its ticketing platform. Temporary exhibitions and some permanent galleries were subsequently closed on 24 and 25 January.
A statement on the museum’s website on Friday said: “Due to an IT infrastructure issue some galleries have had to be closed. Please note that this means capacity will be limited, and priority will be given to members and pre-booked ticket holders.”
The Metropolitan Police say officers went to the museum on Thursday 23 January after being called at 8.25pm following reports that “a man entered the British Museum and caused damage to the museum’s security and IT systems”.
Police attended and arrested a man in his 50s at the scene on suspicion of burglary and criminal damage, the police add. The man was bailed pending further enquiries.
A British Museum spokesperson told The Art Newspaper: “An IT contractor who was dismissed last week trespassed into the museum and shut down several of our systems. Police attended and he was arrested at the scene. With regret our temporary exhibitions were closed over the weekend; ticket holders were alerted and refunds offered.”
Temporary exhibitions currently on at the museum include Silk Roads (until 23 February), Hew Locke: What Have We Here (until 9 February) and Picasso: Printmaker (until 30 March).
According to TechRadar, the attack highlights the need for organisations to implement strict identity management policies, ensuring that credentials and privileges are rescinded when an employee’s contract ends.
The British Museum incident also highlights the ongoing threat of cyber attacks at arts institutions. A cyber attack on the digital systems of the British Library in London in 2023 affected its website, online systems and some onsite services.
In a report published last March, the British Library said: “As well as the exfiltration of data for ransom, the attackers’ methods included the encryption of data and systems, and the destruction of some servers to inhibit system recovery and to cover their tracks.”
