La Sapienza computer system in Rome, one of the largest universities in Europe 120,000 studentshas been down for three days after an apparent ransomware attack.
At shipment and story on Instagram published Tuesday, the university said that it removed the system as a precaution after the cyber attack, which investigated the incident and worked to restore all digital services, and some communication channels such as email and workstations “partially restricted.”
The school also said it was able to restore the system based on backups, which were not affected by the hack.
As of this writing the Sapienza website remains down.
Italian daily newspaper Il Corriere della Sera reported this week the disruption due to ransomware attacks, something that the school or other authorities have confirmed so far. The hacker allegedly sent the university a link to a ransom demand, which has a 72-hour countdown, which will start only after the link is clicked.
Contact Us
Do you have more information about this attack, or the Femwar02 ransomware gang? From a non-working device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email.
La Sapieza did not respond to TechCrunch’s emailed request for comment. It was unclear if the university was able to receive emails when we reached them.
A spokesman for Italy’s national cybersecurity agency, Agenzia per la Cybersicurezza Nazionale (or ACN), which is investigating the incident, did not immediately respond to a request for comment, asking for more information and if the attack was caused by ransomware.
Techcrunch event
Boston, MA
|
June 23, 2026
In another article there, Il Corriere reported that the hacking group behind the attack is called “Femwar02,” which was previously unknown before the incident. The gang used the BabLock malware, which was discovered in 2023 and also known as Rorschachaccording to reports.
La Sapienza said that exams are being conducted as usual, but students who want to sit for the exam should contact the professor directly. The school also set up “infopoints” in several locations on campus to provide information to students.
Like other types of organizations, universities and schools are often the target of hackers. Last year, the famous hacking group ShinyHunters hacked Harvard University and the University of Pennsylvania and steal data – without using malware to encrypt the system – in an attempt to extort the school. The hackers announced this week that the school did not pay the ransom.