What Happened
In June 2022, the University of Pisa (Unipi) suffered a ransomware attack perpetrated by the BlackCat (ALPHV) ransomware group, which seized the university’s IT systems and demanded a $4.5 million ransom with a deadline of June 16, 2022, threatening to increase the demand to $5 million if unpaid. The attack involved the exfiltration of sensitive data dating back to 1989, including information about prospective students, current and former students, and staff members. BlackCat employed a “double extortion” strategy, threatening to publicly release the stolen data if the ransom was not paid. The University of Pisa did not publicly disclose whether it paid the ransom or provide details about the final outcome of the attack.
