Paris
—
It’s the definitive proof behind the most spectacular heist this side of the millennium.
A French court released a report Thursday accusing Louvre leaders of focusing on high-profile purchases and renovation projects rather than keeping one of the world’s largest museums safe.
Pierre Moscovici, president of the Court of Accounts that prepared the report, told reporters on Thursday that the daring daylight robbery, in which four men made off with valuable historical jewellery, was a “deafening alarm”.
Echoing a report prepared before the Oct. 19 robbery, he said museum leadership was prioritizing “visibly appealing” projects such as art acquisitions and revamping the museum’s layout, to the detriment of security at the Louvre in particular.
Since the robbery, information has resurfaced indicating that the security flaws were likely known for years, including a 2014 warning that claimed one of the museum’s key passwords was simply “LOUVRE.” The new report only adds to the number of security flaws revealed by the heist.
So what went wrong?
Within four minutes of reaching the Louvre’s exterior walls, the robbers had scaled the building and smashed through the windows. Only then was the internal alarm triggered. Four minutes later, the robbers broke into the hardened case and made off with nine pieces of historic jewelry.
“The weaknesses in our country’s border defenses are known and have been identified,” Louvre director Laurence de Cases told lawmakers after the robbery.
The situation appears to be dire internally as well.
According to the report, as of 2024, security guards had only 432 surveillance cameras monitoring the inside of the Louvre’s 465 museum galleries. This is nearly a 50% increase compared to the number available in 2019, but still 61% of galleries are not covered by surveillance cameras.
The world’s largest art museum, the Louvre is approximately 652,300 square feet.
By comparison, the Detroit Institute of Arts boasts a similar footprint (including a theater and recital hall) but has more than 550 surveillance cameras, according to camera maker Axis.
De Cale told French senators that he envisions doubling the number of cameras on the 37-hectare Louvre grounds in the coming years.
Among its recommendations, the Court of Accounts’ report emphasized the need for the Louvre to strengthen its “internal control functions, which remain underdeveloped for an institution of the Louvre’s size.”
The Louvre’s security holes weren’t all physical. In the virtual realm, its track record is still lacking.
According to a 2014 report by the French Information Security Agency (ANSSI) obtained by the French daily Libération, the password for the server managing the museum’s vast CCTV network was simply “LOUVRE.” Liberation said access to the software, managed by security technology company Thales, was protected by a similarly foolproof password: THALES.
In a security audit, ANSSI reportedly recommended that the Louvre strengthen its cybersecurity and move away from outdated software that could compromise its protection posture.
ANSSI did not deny the report to CNN, but added that the audit “cannot be considered representative of the current security level” of the Louvre’s IT systems.
The report highlights the museum’s budget priorities in recent years, with approximately 27 million euros (approximately $31.1 million) being spent on maintenance works from 2018 to 2024, and a further 60 million euros being spent on the restoration of the Louvre.
In contrast, during this period, the Louvre spent twice that amount on changing the museum’s layout and buying up art.
The museum spent 105 million euros on art over the six years to 2024 and acquired 2,754 works in that time.
In 2021, the Louvre spent around 5 million euros on two works by French Rococo painter Jean-Honoré Fragonard. In April 2025, the Louvre purchased an “exceptional” Fabergé triptych for 2.2 million euros.
Many of the Louvre’s purchases are kept secret, especially regarding the purchase price. The Court of Accounts’ report said the Louvre must be more careful about the prices of the works it acquires, and specifically warned against buying art works at high prices that were sold at auction less than two years ago.
In contrast to the focus on flashy, eye-catching purchases, this damning report points to an alarming lag in the Louvre’s security infrastructure. It has been revealed that security upgrades recommended in the 2015 audit will still not be completed until 2032.
The report examined nearly eight years of museum operations, spanning a period led by two executives.
As of publication, no executives (or other staff) have been fired or resigned due to theft.
Mr. de Cal’s offer to resign as museum director was not accepted by French Culture Minister Rashida Dati.
Dati, known as something of a political bulldog in France, has been a vocal defender of the Louvre since it was disgraced by the Oct. 19 robbery.
“Did the security measures at the Louvre fail? No, they did not. That is a fact. The security measures at the Louvre worked,” she told lawmakers on October 21.
The next day, President Macron called for accelerated reinforcement of security measures at museums.
The following week, Dati softened his tone, admitting to French senators that although the security systems in place worked and staff followed protocols “to the letter,” the “grand theft” was clearly a failure for the museum.
“Security flaws did occur,” she said.
CNN’s Cecilia Montpetit contributed reporting.
