Cyber Incident Victim: Rowan Companies

On May 13, 2014, Rowan Companies, a Houston-based provider of offshore drilling services, detected an unauthorized intrusion into its corporate systems. The compromised systems contained personal information belonging to employees as well as non-employee vendors and contractors. While the exact method of initial access remained unconfirmed at the time of their May 27 notification to the New Hampshire Attorney General’s Office, the company indicated a belief that attackers had acquired legitimate login credentials to penetrate their network. Following the breach, Rowan received reports of fraudulent activity involving personal credit cards, PayPal accounts, and bank accounts, though a definitive link between these incidents and the system intrusion had not been established by the notification date. The company initiated immediate containment measures, including disabling specific network access points suspected of being exploited and mandating a full password reset across all company accounts.

Rowan engaged a digital forensics firm to investigate the scope and methodology of the intrusion while implementing additional security controls and enhanced monitoring protocols across their network. The organization also began rolling out further security enhancements to harden their systems against future compromises, though specific technical details of these measures were not disclosed. As a precautionary measure, Rowan offered complimentary credit monitoring services to individuals who experienced financial consequences potentially attributable to the breach. The incident impacted both domestic and international operations, reflecting Rowan’s global contracting footprint, but did not disrupt offshore drilling services. No evidence suggested exfiltration of proprietary drilling technology or operational systems, with the compromise appearing focused on personally identifiable information and financial accounts.