Law Firm and Attorney Deny Misconduct in MOVEit Breach Settlement

Orrick and a plaintiffs lawyer defend $900,000 settlement in Oklahoma, denying violations of federal court orders in the MOVEit data breach case. Judge Burroughs reviews the controversial negotiations.

August 28 2024 , 05:23 PM  •  526 views

Law Firm and Attorney Deny Misconduct in MOVEit Breach Settlement

In a recent development concerning the 2023 MOVEit software breach, Orrick, Herrington & Sutcliffe, one of the largest law firms in the United States, and plaintiffs attorney William Federman have refuted allegations of violating court orders in a federal legal proceeding. The case, stemming from a cybersecurity incident that affected hundreds of organizations worldwide, has taken an unexpected turn with a controversial settlement in Oklahoma state court.

Image

The dispute centers around a $900,000 settlement negotiated in Oklahoma, which Federman and Orrick claim was within their authority and outside the scope of the related federal case in Massachusetts. This settlement, involving Paycom Software Inc, an American online payroll and human resource technology provider affected by the MOVEit breach, has raised questions about potential conflicts with the ongoing multidistrict litigation (MDL) in Boston.

Orrick has defended its actions, urging U.S. District Judge Alison Burroughs in Boston to find that the firm had not violated any case management orders. The law firm emphasized that the settlement negotiations for Paycom Payroll were proper and aimed to "put money in the pockets of the individuals whose data was impacted."

In response to criticism from lawyers involved in the Boston litigation, Federman characterized their opposition as "personal attacks" and maintained that the Oklahoma settlement was beneficial for the plaintiffs. The controversy highlights the complex nature of data breach litigation, which often spans multiple jurisdictions and involves intricate legal procedures.

The MOVEit breach, which occurred approximately 15 months ago, has spawned numerous legal actions and highlighted the growing importance of cybersecurity in the legal industry. As courts grapple with technology-related cases, the outcome of this dispute could set important precedents for future cybersecurity litigation.

Judge Burroughs is currently reviewing the situation, having ordered Orrick and Federman to explain their actions on August 13, 2024. The judge's decision on whether to take further steps in her review is eagerly anticipated by all parties involved.

This case underscores the challenges of managing complex, multi-jurisdictional litigation in the wake of large-scale data breaches. As cyber attacks continue to pose significant threats to organizations worldwide, the legal community must navigate the delicate balance between efficient resolution and proper procedural conduct.

"Paycom wants to put money in the pockets of the individuals whose data was impacted, and move on with business."

Statement from Orrick, Herrington & Sutcliffe

As the legal proceedings unfold, the cybersecurity community watches closely, recognizing that the resolution of this case may have far-reaching implications for how future data breach litigations are handled across different court systems.