Cyber Incident Victim: Università degli Studi della Basilicata

On or around February 7, 2020, the Italian hacktivist collective LulzSec ITA conducted cyber intrusions targeting three Italian universities, including the University of Basilicata. The group publicly claimed responsibility for these attacks through a Twitter announcement on February 13, 2020, framing their actions as part of a long-term campaign against academic institutions. LulzSec ITA stated they had spent months identifying vulnerabilities in university systems prior to the breaches. Their operational timeline indicated they had targeted academic entities for approximately nine years prior to this incident, though specific details about the duration of the Basilicata compromise were not disclosed. The collective characterized these attacks as non-random selections, emphasizing deliberate targeting to demonstrate systemic security deficiencies.

The attackers asserted their primary motive was to expose inadequate cybersecurity practices within higher education environments, explicitly addressing students and faculty in their public statement. LulzSec ITA's translated message argued that universities, as training grounds for future leaders, must prioritize security fundamentals to cultivate better governance capabilities. While the collective did not specify the exact data compromised at the University of Basilicata, their broader campaign context suggested unauthorized access to institutional systems. No technical details regarding attack vectors, detection methods, containment procedures, or institutional responses were disclosed in available reporting. The incident highlighted ongoing security challenges within Italian academia, with attackers leveraging public disclosures to amplify their critique of cybersecurity preparedness in educational infrastructure.