Rome’s Sapienza University went offline this week after a cyberattack forced an immediate shutdown of network systems and disrupted services for a campus with more than 112,500 enrolled students. In an Instagram post the university said its IT infrastructure “has been the target of a cyberattack”.
KEY FACTS
- Incident Cyberattack prompted an immediate network shutdown
- Institution Sapienza University in Rome, more than 112,500 enrolled students
- Impact Website offline and digital services disrupted
- Response Technical task force and national authorities engaged
The university notified authorities and formed a technical task force to begin remediation and restoration. Technicians are working with the national CSIRT, Agenzia per la Cybersicurezza Nazionale and the Polizia Postale to recover systems.
The university’s public website remained offline and temporary infopoints were set up so students could obtain information normally accessed through digital systems and databases that are currently unavailable.
The report links the incident to the Bablock/Rorschach ransomware family and to an actor calling itself Femwar02, and documents claims of data encryption and a ransom demand with a reported 72 hour deadline.
Security analysis of Rorschach identifies fast encryption and extensive customization, and notes that while this strain does not run a public extortion portal, stolen data may still be shared or sold to other extortion actors.
WHY IT MATTERS
The outage affects teaching, student services and administrative systems for a large university population, and the potential for encrypted or leaked data raises risks for individuals and institutional operations while recovery continues.