Rowan Companies in Houston, Texas reports that on May 13, they detected an intrusion into their system that contained employee and non-employee vendor and contractor personal information. According to their notification to the New Hampshire Attorney General’s Office, they also received some reports of misuse of personal credit card, PayPal accounts, and bank account information.
Although it had not been confirmed as of their May 27 correspondence to the state, the firm believes that someone acquired the login credentials to their network.
In response, the firm, which provides contract off-shore drilling services in the U.S. and abroad, retained a forensics consultant, forced a company-wide password reset, shutoff certain access points to their network, implemented additional controls and monitoring, and also began to implement additional security enhancements.
Those who appear to have suffered any consequences that might be linked to the incident have been offered free credit monitoring services.