Computer systems at Rome's La Sapienza University, one of Europe's largest universities with around 120,000 students, were down for three days after an apparent ransomware attack.
In an Instagram post and story published Tuesday, the university said it had shut down its systems as a precautionary measure following the cyberattack, that it was investigating the incident and working to restore all digital services, and that some communication channels, such as email and workstations, were “partially restricted.”
The school also said it was working to restore its systems based on backups and was not affected by the hack.
As of this writing, Sapienza's website remains down.
Italian daily Il Corriere della Sera reported this week that the disruption was the result of a ransomware attack, something schools and other authorities have so far confirmed. The hackers allegedly sent the university a link to the ransom demand, with a 72-hour countdown that would begin once the link was clicked.
Contact Us Do you have more information about this attack or the Femwar02 ransomware gang? You can contact Lorenzo Franceschi-Bicchierai securely from a non-work device on Signal (+1 917 257 1382) or on Telegram, Keybase and Wire @lorenzofb, or by email.
La Sapieza did not respond to TechCrunch's emailed request for comment. At the time of our contact, it is unclear whether the university can accept emails.
A spokesperson for Italy's national cybersecurity agency, Agenzia per la Cybersicurezza Nazionale (ACN), which is investigating the incident, did not immediately respond to a request for comment, asking for further information and whether the attack was caused by ransomware.
tech crunch event
Boston, Massachusetts | June 23, 2026
Il Corriere reported in a separate article on Wednesday that the hacker group behind the attack, known as “Femwar02,” was unknown before the incident. According to the report, the gang used the BabLock malware, which was discovered in 2023 and is also known as Rorschach.
Professor La Sapienza said that exams are being held as usual, but students who wish to take the exam must apply directly to their professor. The school has set up “info points” at several locations on campus to provide information to students.
Like other types of organizations, universities and schools are often targeted by hackers. Last year, the notorious hacker group ShinyHunters hacked Harvard University and the University of Pennsylvania, stealing data without using malware to encrypt the systems and attempting to extort the schools. The hackers revealed this week that the school did not pay the ransom.