Top museums hit by apparent cyberattack on Vivaticket — Louvre and other institutions affected

News
By published

RansomHouse hacking group is claiming responsibility

The entrance of the Louvre Pyramid, two weeks after a robbery at the Louvre in Paris, France, November 3, 2025.
(Image credit: NurPhoto/via Getty Images)
  • RansomHouse hit Vivaticket through subsidiary Irec SAS
  • Customer data stolen, including names and reservation details
  • Attack disrupted ticketing for museums and venues across Europe

International ticketing platform Vivaticket was recently hit with a ransomware attack which affected a number of top museums, theaters, and other similar venues.

In a new entry on their data leak website, a group going by RansomHouse said it struck Vivaticket through its subsidiary, Irec SAS, and accused this company of trying to sweep the whole thing under the rug.

“We strongly recommend that you contact us to prevent your confidential data and project documents from being disclosed,” the hackers apparently said.

Article continues below

Assessing the impact

The crooks said that in the attack, they stole customer data including people’s full names, email addresses, purchase history and reservation details, country of residence and postal codes, and account metadata and login timestamps.

This may not seem like much, but for cybercriminals it’s more than enough to launch convincing phishing attacks and steal login credentials or deploy malware on people’s computers.

We don’t know exactly how many people are affected by the attack, but they could be in the millions. Vivaticket works across 50 countries, handles ticketing for some of the world’s most popular museums, such as the Louvre, and manages approximately 850 million tickets on a yearly basis.

There is no notice of the incident on Vivaticket’s website, and its newsroom site is currently offline.

Citing the French Ministry of Culture, Cybernews says the financial impact of the attack is currently being assessed. Financial data, such as banking information or credit cards, were most likely not accessed.

The French National Cyber Security Directorate (ANSSI) and other law enforcement agencies have been brought in, and are currently assessing the scope of the attack, as well as the damages.

However, the breach is affecting the industry, as apparently many museums can’t access secure online ticketing, and some European venues had to shut down their booking systems entirely.

Via Cybernews

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.