It's been called the heist of the century, and while four criminals have been charged over the October 2025 Louvre jewel heist, the jewels themselves are still out there in the wild as authorities fear they might never be recovered.
Paris public prosecutor Laure Beccuau confirmed that three have been linked to the robbery through DNA, with these 'local petty criminals' responsible for stealing what's dubbed as France's own crown jewels.
Just 30 minutes after the famous museum opened, eyewitnesses reported suspicious activity to the police, although they weren't able to stop the group dressed in hi-vis jackets from escaping with some €88 million ($101 million) of jewels from the Galerie d'Apollon. One former jewel thief suggested it was a potential inside job carried out by amateurs, and given that they reportedly dropped a crown once belonging to Empress Eugénie, the wife of Napoleon III, there was also their somewhat amusing escape on a slow-motion furniture lift that has gone viral on social media.
Now, another seemingly embarrassing detail has come out, with French newspaper Libération (via PCGamer) claiming that the Louvre had a pretty easy password that was keeping its top-secret security video loop under lock and key.
Advert
The outlet reports that the password for the Louvre video surveillance servers was simply "Louvre." While many of you might mock the seemingly simple error of video games having museums, embassies, and banks with easy-to-crack passwords that a small child could arguably guess, few would've expected it to happen in real life.
Libération supposedly reviewed confidential documents that date back to 2014, with a cybersecurity audit from the French Cybersecurity Agency (ANSSI) being able to easily break into the network. ANSSI experts were apparently able to slip into the famed museum's security network to manipulate video surveillance and even modify badge access. Sounding like something from IO Interactive's upcoming 007 First Light, Libération's Brice Le Borgne asked, "How did the experts manage to infiltrate the network? Primarily due to the weakness of certain passwords, which the French National Cybersecurity Agency (ANSSI) politely describes as 'trivial'."
He continued: "Type 'LOUVRE' to access a server managing the museum's video surveillance, or 'THALES' to access one of the software programs published by… Thales."
Advert
The Louvre asked for another audit from France's National Institute for Advanced Studies in Security and Justice in 2015, and concluding two years later, the 40-page dossier calls out 'serious shortcomings' and 'poorly managed' visitor flow.
If that wasn't damning enough, there were mentions of low rooftops that would be easily accessible during construction work, as well as outdated security systems.
Other documents maintain that the Louvre was still using outdated security software, purchased in 2003, which was still being used in 2025. Alarming that it would've been running on the obsolete Windows Server 2003 software.
As the 2025 heist was the first art theft from the museum since Le chemin de Sèvres was stolen in 1998, we imagine it’ll lead to a massive security update. Unfortunately, there are accusations that things have gotten pretty lax over the past few decades.
Advert
While it's a relief that no one was injured in the latest heist, it's baffling that the whole saga took just eight minutes.