On October 18, the Louvre Museum suffered a jewelry theft during the day, and French royal jewelry worth US$102 million was stolen. According to the incident, the suspect even lost a crown during his escape and tried to create chaos by setting fire to a mechanical lift, but failed. The farcical theft was reminiscent of the fictional gentleman thief Arsène Lupin, who would have been shocked if he had been there.

The French media "Liberation" reported that this case was not an accident. The Louvre has long-term serious security loopholes and information system weaknesses. Over the past decade or so, the museum has been accumulating lapses in security and IT management. Cass Marshall, co-founder of Rogue and former Polygon editor, commented on Bluesky that video game designers may deserve an apology - we often laugh at the behavior of game characters leaving random security passwords and vault combinations, but the Louvre has actually been using "Louvre" as the password on the video surveillance server.

Internal documents disclosed by "Liberation" show that as early as 2014, during a network security audit commissioned by the Louvre Museum by the French National Cyber ​​Security Agency (ANSSI), experts were able to easily invade the museum's security network, manipulate video surveillance and modify pass permissions. The report said: "The experts were able to penetrate the system mainly because some passwords were too simple, which ANSSI called 'obvious'. Enter 'LOUVRE' to access the server that manages the video surveillance, and enter 'THALES' to access one of the software programs released by Thales."

The security in the game is more reasonable than in reality: the password of the Louvre is actually the Louvre!

In 2015, the Louvre once again requested the French Institute for National Security and Justice (INHESJ) to conduct an audit. A 40-page report submitted two years later found "serious deficiencies" in the museum, including poor management of visitor flow, easy access by climbing on the roof during construction, and old and frequently malfunctioning security systems.

Subsequent documents showed that by 2025, the Louvre was still using security software purchased in 2003 that had ceased support and was running on Windows Server 2003 systems. These long-standing vulnerabilities are believed to have contributed to the theft.