Malware, which is software that is specifically designed to disrupt, damage or gain unauthorised access to a computer, had made it onto their systems.
The harmful software was embedded in an email which had been sent to a council officer, according to the Local Democracy Reporting Service.
Gloucester City Council has had to rebuild all of its servers as a result of the attack, which has been linked to Russian hackers.
The latest estimate suggests the bill to the taxpayer is approaching the £1m mark.
Council officers said the museum’s access to the collection database was “rather fundamental”.
Opposition leader Jeremy Hilton said: “It is very worrying that in a council report it was mentioned that the museum services had not had access to its collections database, hindering important investigation into the city’s historic monuments.
“I hope this important information isn’t lost forever or that officers will not have to spend their valuable time inputting data all over again.”
Culture and leisure cabinet member Andy Lewis said he believed no records had been lost.
Talk to Cyber Security Company LoughTec today on how we can protect you with 24/7/365 real-time response. Book a demo by calling +44 (0) 2882 252 445 or emailing info@loughtec.com.