conti attacks EbixCash Limited

Incident Date:

February 12, 2022

World map



conti attacks EbixCash Limited


EbixCash Limited




Noida, India

Uttar Pradesh, India

First Reported

February 12, 2022

EbixCash Limited Targeted by Ransomware Group Conti

Overview of EbixCash Limited

EbixCash Limited, a prominent international provider of On-Demand software and E-commerce services to the insurance, financial, and healthcare sectors, has recently fallen victim to a ransomware attack orchestrated by the Conti group. With a broad operational footprint spanning Brazil, Singapore, Australia, the US, UK, New Zealand, India, and Canada, EbixCash stands as a significant entity in the global market. The company, which is a subsidiary of the US-based Ebix Inc., maintains its corporate website at and is headquartered in New Delhi, India.

Transitioning from a private to a public limited company in 2022, EbixCash Limited is navigating through a challenging phase, especially with its parent company, Ebix Inc., filing for bankruptcy in 2023. Despite the bankruptcy proceedings being limited to Ebix entities in the US, the repercussions have inevitably influenced the strategic financial planning of EbixCash Limited, particularly affecting its Initial Public Offering (IPO) ambitions aimed at repaying convertible bonds worth Rs 335 crore to its parent.

Ransomware Attack on EbixCash Limited

The ransomware attack on EbixCash Limited underscores the escalating menace of cyber threats, with ransomware attacks, in particular, posing significant disruptions to business operations. These attacks not only encrypt data, rendering it inaccessible, but also demand hefty ransoms for data release. The international stature of EbixCash, coupled with the financial vulnerabilities introduced by its parent company's bankruptcy, likely exacerbated its appeal as a target for cybercriminals.

This incident serves as a stark reminder of the critical need for robust cybersecurity measures, especially for corporations with extensive global operations and those undergoing financial instabilities. It highlights the importance of proactive defense strategies to mitigate the risks of ransomware and other cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.