The computer systems of La Sapienza in Rome, one of the largest universities in Europe with approx 120,000 studentswas down for three days after an apparent ransomware attack.
In a post and to stories In an Instagram post on Tuesday, the university said it took down its systems as a precaution after the cyber attack, that it is investigating the incident and working to restore all digital services, and that some communication channels, such as email and workstations, are “partially restricted.”
The school also said it is working to restore backup-based systems that were not affected by the hack.
As of this writing, the Sapienza website remains down.
Italian daily Il Corriere della Sera was mentioned this week that the outage was due to a ransomware attack, which neither the school nor other authorities have so far confirmed. The hackers reportedly sent the university a link to a ransom demand, which has a 72-hour countdown that would only start when the link is clicked.
Contact us
Do you have more information about this attack or the Femwar02 ransomware gang? From a non-working device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382 or via Telegram, Keybase and Wire @lorenzofb or via email.
La Sapienza did not respond to TechCrunch’s emailed request for comment. It is unclear whether the university can accept email at the time we contacted.
Representatives of Italy’s national cybersecurity agency, Agenzia per la Cybersicurezza Nazionale (or ACN), which is investigating the incident, did not immediately respond to a request for comment asking for more information and whether the attack was caused by ransomware.
Techcrunch event
Boston, MA
|
June 23, 2026
In an article on Wednesday, Il Corriere was mentioned that the hacker group behind the attack is called “Femwar02”, which was previously unknown before this incident. The gang used BabLock malware, which was discovered in 2023 and is also known as Rorschachaccording to the report.
La Sapienza said exams are proceeding as normal, but students who want to register for exams must do so directly with professors. The school also set up “information points” at various locations on campus to provide information to students.
Like other types of organizations, universities and schools are frequent targets of hackers. Last year, the notorious ShinyHunters hacker group hacked Harvard University and the University of Pennsylvania and stole data — without using malware to encrypt their systems — in an attempt to blackmail the schools. The hackers revealed this week that the schools did not pay the ransom.
