The computer systems of La Sapienza in Rome, one of Europe’s largest universities with around 120,000 students, were down for three days after an apparent ransomware attack.
In a post and Instagram stories published on Tuesday, the university said it had taken down its systems as a precaution following the cyber attack, that it was investigating the incident and working to restore all digital services, and that some communication channels such as email and workstations were “partially restricted”.
The school also said it was working to restore systems based on backups that were not affected by the hack.
At the time of writing, the Sapienza website remains down.
Italian daily Il Corriere della Sera reported this week that the breach was caused by a ransomware attack, which has not yet been confirmed by the school or other authorities. The hackers allegedly sent the university a link to a ransom note that has a 72-hour countdown that would only start when the link is clicked.
Contact us
Do you have more information about this attack or the Femwar02 ransomware gang? From a non-working device, Lorenzo Franceschi-Bicchierai can be reached securely on Signal at +1 917 257 1382 or via Telegram, Keybase and Wire @lorenzofb or email.
La Sapieza did not respond to TechCrunch’s request for comment via email. It is unclear whether the university is able to receive email at the time we reached out.
Spokesmen for Italy’s national cybersecurity agency, the Agenzia per la Cybersicurezza Nazionale (or ACN), which is investigating the incident, did not immediately respond to a request for comment, asking for more information and whether the attack was caused by ransomware.
Techcrunch event
Boston, MA
|
June 23, 2026
In another article on Wednesday, Il Corriere reported that the hacker group behind the attack is called “Femwar02”, which was unknown before the incident. The gang used the BabLock malware, which was discovered in 2023 and is also known as Rorschach, according to the report.
La Sapienza said exams are going on as normal, but students who want to register for exams must do so directly with professors. The school has also set up “information points” at several locations on campus to provide information to students.
Like other types of organizations, universities and schools are frequent targets for hackers. Last year, the notorious ShinyHunters hacking group hacked Harvard University and the University of Pennsylvania and stole data — without using malware to encrypt their systems — in an attempt to blackmail the schools. The hackers revealed this week that the schools did not pay the ransom.