An Israeli cybersecurity firm has revealed that the group behind the recent jewel heist at the Louvre Museum attempted to negotiate through the darknet to sell the stolen treasures to the museum for tens of millions of euros, but the latter ignored their offer, even after receiving apparent proof of possession.

CGI Group, the Israeli company at the center of the allegation, said it was contacted by an individual claiming to represent the thieves just days after the October 19 robbery, in which priceless artifacts were taken from the Louvre’s famed Apollo Gallery. Despite alerting the museum’s management, the firm said its warnings went unanswered for nearly a week.

Tzvika Naveh, CEO of CGI Group, said the company received an encrypted message through its website five days after the heist. The sender allegedly offered to negotiate “on the darknet for the purchase of the stolen pieces,” limiting the exchange to a 24-hour window.

According to Naveh, CGI engaged in several encrypted chats with the individual, who appeared to possess at least some of the missing jewels. “They were on the run and needed to get rid of the loot quickly,” he said. The company said it passed all information to the client who had commissioned its services, who, in turn, informed the Louvre.

Firm blames Louvre for delay 

Naveh accused the museum of failing to act swiftly, claiming its six-day delay in responding undermined the potential for recovery.

Related News

France arrests five new suspects over Louvre heist

Prosecutor to give update as two men face charges over Louvre heist

“We lost credibility with the thieves, and the Louvre missed a real opportunity to recover the jewelry,” Naveh alleged. “Unfortunately, it seems ego and hesitation played a role.”

He added that CGI had previously warned about darknet chatter suggesting possible plans to target the Louvre, potentially even the Mona Lisa, during an interview with Italy’s Il Tempo newspaper months earlier.

Louvre denies direct contact; heist investigation expands

The Louvre Museum has denied having any direct communication with CGI Group. The Israeli firm, however, maintains that its Italian branch handled the exchange, likely under the direction of an insurance agency linked to the museum.

Meanwhile, French authorities have arrested five additional suspects as the investigation widens. Two men had already been detained earlier, one at Charles de Gaulle Airport as he attempted to board a flight to Algeria, and another in the Paris area. Despite these arrests, the stolen jewelry remains missing.

Heist details and ongoing mystery

The October 19 break-in saw masked burglars enter the museum’s Apollo Gallery, home to treasures from France’s imperial past, and steal jewelry from the Napoleonic collection. The haul included items once owned by Empress Eugénie and Empress Marie Louise, with an estimated value exceeding $100 million.

No one was injured in the robbery, which French investigators have described as one of the most audacious museum thefts in recent history.

Israeli firm’s darknet dealings spark outrage over Louvre heist role

The CGI Group’s alleged involvement in the Louvre jewel heist case exposes the increasingly blurred line between cybersecurity and digital opportunism. By asserting that it engaged directly with the thieves on the darknet and facilitated secret communications on behalf of unnamed clients, the Israeli firm has sparked serious concerns over legality, accountability, and motive. If verified, such conduct could amount to an unauthorized meddling in a criminal investigation, one that may have obstructed French law enforcement’s efforts to recover the stolen treasures.

Beyond the immediate scandal, the episode sheds light on a wider and deeply troubling pattern: the growing role of Israeli private intelligence and cybersecurity firms operating in legal and ethical gray zones under the guise of “digital mediation” or “threat intelligence". Often tied to Israeli-linked networks and opaque business interests, these entities exploit high-profile crises for political or financial gain while evading international oversight.

As investigators press on with the search for the missing jewels, the Louvre affair underscores a broader warning: when private Israeli contractors act beyond judicial scrutiny, their supposed fight against cybercrime risks morphing into a tool for profit and manipulation, blurring the boundary between law enforcement and exploitation.