The computer systems of La Sapienza in Rome, one of the largest universities in Europe with around 120,000 students, have been down for three days following an apparent ransomware attack.
In a post and stories on Instagram published Tuesday, the university said that it took down its systems out of precaution following the cyberattack, that it was investigating the incident and working on restoring all digital services, and that some communication channels such as email and workstations are “partially limited.”
The school also said that it was working to restore systems based on backups, which were not affected by the hack.
As of this writing the Sapienza website remains down.
Italian daily news outlet Il Corriere della Sera reported this week that the disruption is due to a ransomware attack, something that the school nor other authorities have confirmed so far. The hackers allegedly sent the university a link to a request for a ransom, which has a countdown of 72 hours, which would start only once the link is clicked.
Contact Us
Do you have more information about this attack, or the Femwar02 ransomware gang? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email.
La Sapieza did not respond to TechCrunch’s request for comment sent via email. It’s unclear if the university is able to accept email at the time we reached out.
Spokespeople for Italy’s national cybersecurity agency, Agenzia per la Cybersicurezza Nazionale (or ACN), which is investigating the incident, did not immediately respond to a request for comment, asking for more information and if the attack was caused by ransomware.
Techcrunch event
Boston, MA
|
June 23, 2026
In another article on Wednesday, Il Corriere reported that the hacking group behind the attack is called “Femwar02,” which was previously unknown prior to this incident. The gang used the BabLock malware, which was discovered in 2023 and is also known as Rorschach, according to the report.
La Sapienza said that exams are proceeding as normal, but students who want to sign up for exams must do so directly with professors. The school also set up “infopoints” on several locations on campus to provide information to students.
Like other types of organizations, universities and schools are frequent targets of hackers. Last year, the notorious hacking group ShinyHunters hacked Harvard University and University of Pennsylvania and stole data — without using malware to encrypt its systems — in an effort to extort the schools. The hackers revealed this week that the schools did not pay the ransom.