What should I do if I was affected by a data breach?

If you were affected by a data breach, you should immediately monitor your financial accounts, place a fraud alert or credit freeze with the major credit bureaus (Equifax, Experian, and TransUnion), change passwords for affected accounts, and consult a data breach lawyer to understand your legal rights and potential compensation options. Act quickly — statutes of limitations apply.

Can I receive financial compensation after a data breach?

Yes. Victims of data breaches may be eligible for financial compensation through class action lawsuits or individual claims. Recoverable damages can include identity theft losses, out-of-pocket expenses, lost time, and compensation for the ongoing risk of future harm. A free consultation with a data breach attorney can help determine your eligibility.

How long do I have to file a data breach lawsuit?

Statutes of limitations for data breach claims vary by state, typically ranging from one to three years from the date you discovered — or reasonably should have discovered — the breach. In some states, the clock starts from the breach date itself. Contact a data breach lawyer as soon as possible to preserve your rights.

Tower Administrative Services Data Breach

What Happened?

Tower Administrative Services Inc., a Pennsylvania-based insurance administration company headquartered in Lancaster, has disclosed a data breach that exposed sensitive personal information after an unauthorized party gained access to its corporate network.

According to the company’s notice, suspicious activity was identified within its network, prompting an investigation. The investigation determined that certain information stored within the company’s systems was subject to unauthorized access or acquisition on or around February 3, 2026. After discovering the incident, Tower Administrative Services conducted a detailed review to determine what information was involved and which individuals were affected.

Who was affected?

Tower Administrative Services stated that the breach affected individuals whose personal information was stored within the company’s systems, including customers or consumers whose data was maintained as part of its insurance administration services.

What Information was taken?

According to Tower Administrative Services, the information involved may have included:

Names
Social Security numbers
Addresses
Financial account information

The specific information exposed may vary by individual.

What is the company doing?

Following the discovery of the incident, Tower Administrative Services investigated the unauthorized access, reviewed the affected systems, and identified the individuals whose information may have been impacted.

The company is offering affected individuals complimentary credit monitoring and identity protection servicesthrough Cyberscout and Identity Force. Individuals who received a notification letter can enroll using the unique activation code included in their letter within 90 days of the notification date.

Tower Administrative Services also established a dedicated assistance line available Monday through Friday, from 8:00 a.m. to 8:00 p.m. Eastern Time, excluding major U.S. holidays, to answer questions regarding the incident.

Affected individuals may also contact the company by mail at:

Tower Administrative Services
8 Marticville Road
Lancaster, PA 17603

What can you do?

Anyone who received a notification letter should review it carefully to determine what information may have been involved. Because Social Security numbers and financial account information were potentially exposed, affected individuals should consider taking the following precautions:

Enroll in the complimentary credit monitoring and identity protection services.
Monitor bank and financial account statements for unauthorized transactions.
Review credit reports for unfamiliar accounts or inquiries.
Consider placing a fraud alert or security freeze with the major credit bureaus.
Report suspected identity theft or financial fraud immediately.

Links for more information

Nebraska Attorney General

Notice of Data Breach