Table of contents
- A cultural institution under cyber siege
- Who is INC Ransom: the most active ransomware group of 2025
- What was stolen: internal budgets, contracts, and artist IDs
- The reputational risk of a data breach
- Culture is not immune: cyber security must be a priority
A cultural institution under cyber siege
The Venice Biennale, one of the world’s most prestigious cultural institutions, has become the latest victim of a ransomware attack. On July 7, 2025, the foundation’s systems were breached by the INC Ransom group, which claims to have stolen over 800 GB of sensitive data. The claim was published on their Dark Web blog, and some of the stolen files have already been leaked.
This case marks another alarming episode in a growing trend where cybercriminals target not just businesses and governments, but also the world of arts and culture.
Who is INC Ransom: the most active ransomware group of 2025
INC Ransom has quickly gained notoriety for their aggressive cyber extortion tactics. With 179 attacks claimed in just seven months, the group has developed a reputation for choosing victims based on revenue. Their Dark Web site often highlights a victim’s estimated turnover—in this case, 18 million dollars for the Venice Biennale—as a way to set ransom amounts.
What was stolen: internal budgets, contracts, and artist IDs
In an official statement, the Biennale confirmed the incident, stating that it promptly isolated the systems, informed authorities, and initiated recovery operations with help from Yarix (Var Group). However, INC Ransom has already published proof of access, leaking:
- Sponsorship contracts with detailed amounts
- Internal budgets and financial spreadsheets
- Internal emails
- Scanned IDs and passports of artists and collaborators, including dancer Tamara Fernando
Thankfully, no ticketing or payment data involving the general public has been exposed so far. However, given the massive amount of data stolen, it is likely that more sensitive content is in the hands of the attackers.
The reputational risk of a data breach
Such attacks have a broader impact than technical disruption. They severely damage trust and credibility, especially for institutions like the Biennale that rely on sponsorships, artist participation, and public engagement.
Leaking internal financial documents and private data exposes the organization to long-term consequences, including funding issues and reputational loss.
Culture is not immune: cyber security must be a priority
This incident highlights a hard truth: no one is immune to cyber threats. Even nonprofits with a cultural mission can become victims if they handle sensitive data and manage significant funds. Investing in digital security is no longer optional, even in the art world.
It’s time for a paradigm shift. Institutions must treat cyber security as a strategic investment, not an afterthought.
