PLUS: CISA layoffs continue; Lawmakers criticize camera security; China to execute scammers; And more

Infosec in brief There's no indication that the brazen bandits who stole jewels from the Louvre attacked the famed French museum's systems, but had they tried, it would have been incredibly easy.

CheckNews, the investigative arm of French news outlet Libération, got its hands on a series of security audits from the Louvre going back to 2014, which reveal a decade-long history of extremely poor infosec at the museum, and suggest the former home of jewels once owned by French royalty doesn't take security seriously. Hopefully that's changed.

According to the outlet's digging, the museum was guilty of basic security failures such as using the word "LOUVRE" as the password for its video surveillance server, and the password "THALES" as the password for a software platform provided by French vendor Thales.

Experts who tested the resilience of Louvre computer systems found them easy to break ...