Tower Administrative Services Data Breach Lawsuit Investigation
Received a June 2026 breach notice from Tower Administrative Services?
Dapeer Law, P.A. is investigating a potential class action against Tower Administrative Services, Inc., a Pennsylvania insurance-services administrator, on behalf of individuals whose personal information may have been exposed in a data security incident disclosed in June 2026.
Who may qualify
You may be eligible to participate in a class action if any of the following applies:
- You received a data breach notification letter from Tower Administrative Services dated June 2026.
- Your letter offered enrollment in complimentary 24-month credit monitoring and identity-protection services.
- You had personal or financial information held by Tower Administrative Services in its capacity as an insurance-services administrator.
- No proof of harm required to consult with counsel. You do not need to have already suffered identity theft to explore your legal options.
- Excluded: individuals who did not receive a breach notice and whose information was not involved in the incident.
Not sure if you qualify?
Send us your notice, we'll confirm your eligibility at no cost.
What happened
On June 26, 2026, Tower Administrative Services, Inc. disclosed a data security incident that affected systems storing sensitive customer information. The company reported the incident to both the Texas Attorney General and the Massachusetts Attorney General on that date. Filings with the two states indicate that a total of 27,866 individuals were affected, including 25,742 Texas residents and 2,124 Massachusetts residents.
According to the notices, the exposed data varied by state filing and may include Social Security numbers, financial account numbers, credit or debit card numbers, and first and last names. Tower Administrative Services states that it investigated and addressed the incident, notified affected individuals and state authorities, reviewed its policies and procedures, and is offering 24 months of complimentary credit monitoring and identity-protection services. The specific dates of the incident and its underlying cause have not been detailed in the public filings and remain among the items being evaluated.
Because the reported data elements include Social Security numbers and payment card and financial account information, affected individuals may face an elevated risk of identity theft and financial fraud. Dapeer Law is reviewing whether the company's data security practices and its handling of the incident may support legal claims on behalf of notice recipients.
What to do if you received a letter
Keep your notice letter
Do not discard it. Your letter contains the enrollment code for credit monitoring and is important evidence if you decide to participate in a lawsuit.
Enroll in the free 24-month credit monitoring
Enroll in the complimentary 24-month credit monitoring and identity-protection service offered in your letter before the stated deadline. Accepting this benefit does not waive your right to pursue legal action.
Place a fraud alert or credit freeze
Contact Equifax, Experian, and TransUnion to place a fraud alert or freeze on your file. Request a free weekly credit report from AnnualCreditReport.com, and use the FTC's IdentityTheft.gov recovery guide.
Speak with a data breach attorney
Consultations with Dapeer Law are free and confidential. We'll review your notice, explain your options, and advise whether you may be eligible to join a class action.
Submit your notice for a free review
Two minutes online. A licensed attorney reviews every submission.
Breach timeline
Compensation you may be entitled to
Out-of-pocket expenses
Credit freezes, identity restoration services, and other costs incurred responding to the breach.
Time spent monitoring
Hours spent reviewing accounts, disputing fraudulent charges, and dealing with identity theft issues.
Identity theft & fraud losses
Unreimbursed funds stolen from accounts, unauthorized credit lines, or tax refund fraud tied to the breach.
Statutory damages
Certain state data breach and consumer protection statutes provide for fixed damages regardless of actual loss.
Injunctive relief
Court orders requiring the company to implement stronger data security practices going forward.
Compensation categories depend on applicable state law, the types of data exposed, and documented losses. No recovery is guaranteed.
Common questions
I received a data breach letter from Tower Administrative Services. What should I do? +
Keep your breach notice letter, follow the enrollment instructions for the complimentary 24-month credit monitoring, review your bank, credit-card, and benefit statements for unauthorized activity, consider placing a fraud alert or credit freeze, and consult a data breach attorney. Because Social Security numbers and financial account information may be involved, monitor closely and report any suspicious activity to your financial institution.
Am I eligible to join a class action against Tower Administrative Services? +
If you received a breach notification from Tower Administrative Services, you may be eligible. Factors that affect eligibility include your state of residence, the categories of your data that were exposed, and whether you experienced losses or spent time resolving fraud. Eligibility is confirmed on a case-by-case basis during a free consultation.
How much money could I receive from a class action lawsuit? +
Data breach class action recoveries vary significantly. Settlements typically range from a few hundred dollars for basic out-of-pocket losses to several thousand dollars for documented identity theft, with class size, damages, and negotiation all affecting the final amount. No payout is guaranteed, and this investigation has not yet resulted in a settlement.
What personal information was exposed in the breach? +
The public filings indicate the exposed data varied by state and may include Social Security numbers, financial account numbers, credit or debit card numbers, and first and last names. The exact data elements affecting you should be listed in your individual notification letter, so review it carefully.
Did Tower Administrative Services offer free credit monitoring? +
Yes. Tower Administrative Services is offering complimentary credit monitoring and identity-protection services for 24 months. Enrollment details are included in the mailed notification letter, and enrolling does not waive your right to pursue legal action.
How many people were affected by the Tower Administrative Services breach? +
Filings with the Texas and Massachusetts Attorneys General report a total of 27,866 individuals affected, including 25,742 Texas residents and 2,124 Massachusetts residents. This page will be updated as more information becomes available.
Is there a deadline to take legal action? +
Yes. Statutes of limitations for data breach claims vary by state and legal theory, typically ranging from one to six years. Waiting can permanently bar your claim. Contact us as soon as possible for a free evaluation.
How do I get a copy of the official breach notice? +
The breach notice was filed with the Massachusetts Attorney General and can be downloaded from the Massachusetts government website. Dapeer Law can also help you obtain a copy during a free consultation.
Sources & references
- Official breach notice filing · Massachusetts Attorney General, Data Breach Notification
- Company · Tower Administrative Services, Inc. (toweradmin.com)
- Credit bureau freezes · Equifax · Experian · TransUnion
- Free weekly credit reports · AnnualCreditReport.com
- Identity theft recovery guide · FTC IdentityTheft.gov
Don't let the deadline decide for you. Submit your claim today.
You only have a limited window to act. Our team will review your notice, explain your options, and tell you whether you may be eligible to recover compensation, at no cost to you.