Vatican’s outdated systems and weak passwords expose Pope Leo XIV to hackers, with phishing and email hijacking attempts rising, expert warns.
Newsroom (14/11/2025 Gaudium Press ) The Vatican, the heart of the Catholic Church, is alarmingly vulnerable to cyberattacks, with outdated digital systems and lax security practices exposing sensitive communications, including Pope Leo XIV’s private video calls, to potential hackers, a cybersecurity expert has revealed.
Joseph Shenouda, a Coptic Orthodox Christian and cybersecurity specialist based near Eindhoven, Netherlands, told the Dutch daily Nederlands Dagblad that the Vatican’s digital infrastructure is so porous that hackers could, in theory, eavesdrop on the Pope’s personal tablet conversations, such as his video calls with his brother in Chicago. “We’re talking about a state with ministries and diplomats that doesn’t have its digital security in order,” Shenouda said, expressing frustration at the Holy See’s failure to address these glaring weaknesses.
Shenouda’s findings paint a troubling picture of a Vatican ill-equipped to fend off cyber threats. Simple scans of Vatican websites revealed that some still rely on default passwords as weak as “welcome123” and operate on long-outdated systems, making them easy targets for malicious actors. Fake Wi-Fi routers, which can intercept data from unsuspecting users, have even been detected in St. Peter’s Square, a hub for pilgrims and tourists.
The Vatican’s digital vulnerabilities have already attracted the attention of sophisticated hackers. Shenouda disclosed that a Chinese hacker group attempted to hijack the Vatican’s email system during delicate negotiations with Beijing over the appointment of Catholic bishops in China. Some Vatican employees’ email addresses have also surfaced for sale on the dark web, raising concerns about the potential compromise of sensitive diplomatic correspondence.
Daily phishing attempts further compound the problem, with Shenouda noting a spike in attacks whenever Pope Leo XIV comments on contentious global issues, such as the war in Ukraine. “If the Pope says anything about the war in Ukraine, we immediately see attacks,” he said, highlighting the targeted nature of these cyber assaults. Additionally, Shenouda pointed to evidence of Vatican IP addresses being used to access pornography, a practice he described as “not very smart” and indicative of broader carelessness in digital hygiene.
The root of the problem, according to Shenouda, lies in the Vatican’s historical focus on evangelization through digital communications, with little attention paid to cybersecurity. While the Holy See has embraced technology to spread its message—through social media, apps, and websites—it has neglected to invest in robust defenses. The Vatican has acknowledged its shortcomings but cited a lack of in-house expertise as a barrier to addressing the issue effectively.
Shenouda first uncovered these vulnerabilities in 2022 and has since founded the Vatican Cyber Volunteers, a group of 110 cybersecurity experts from multiple countries who monitor the Vatican’s digital systems and compile periodic reports for the Dicastery for Communications. However, Shenouda emphasized that this volunteer effort, while well-intentioned, is no substitute for professional, in-house cybersecurity measures. “It obviously best if the Vatican takes action itself,” he said, urging the Holy See to appoint a dedicated information security officer to oversee its digital defenses.
Despite the warnings, Shenouda expressed dismay at the Vatican’s slow response. “In Rome, it just doesn’t seem to sink in that they need to wake up,” he said, underscoring the urgency of the situation for an institution that plays a pivotal role in global diplomacy and spiritual leadership.
As cyber threats grow more sophisticated, the Vatican’s failure to modernize its digital infrastructure risks not only its own security but also the privacy of its global network of clergy, diplomats, and faithful. For now, the Holy See remains a digital open door, inviting exploitation in an era where cybersecurity is paramount.
- Raju Hasmukh with files from The Tablet
Related Images:
