<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Law firm Orrick and plaintiffs attorney deny violating orders in data breach class action</title></head><body>

By Mike Scarcella and David Thomas

Aug 28 (Reuters) -Law firm Orrick, Herrington & Sutcliffe and a plaintiffs lawyer have denied violating court orders in a U.S. legal proceeding over the 2023 breach of Progress Software’s MOVEit program that affected hundreds of organizations worldwide.

In a court filing on Tuesday, plaintiffs attorney William Federman said he and Orrick had authority to negotiate a $900,000 settlement in Oklahoma state court that was outside the scope of a related proceeding in federal district court in Massachusetts.

Orrick last week in a filing said its settlement negotiations for defendant Paycom Payroll were proper, and urged U.S. District Judge Alison Burroughs in Boston to find that the law firm, one of the country’s largest, had not run afoul of case management orders. Oklahoma-based Paycom last year was a victim of the MOVEit-related cyber attack.

Federman told Reuters on Wednesday that the opposition from lawyers involved in the Boston litigation amounted to "personal attacks" against him. He defended the Oklahoma settlement as being good for the plaintiffs.

Orrick did not immediately respond to requests for comment on Wednesday, and neither did the attorneys who are leading the multidistrict litigation in Boston.

The submissions from Orrick and Federman, who is based in Oklahoma, came in response to an Aug. 13 order from Burroughs directing the firm and attorney to explain their actions.

The attorneys leading the federal litigation had raised questions about the propriety of the settlement in Oklahoma, prompting Burroughs to investigate.

In a filing, the lawyers in Burroughs’ court asserted that Orrick and Federman had negotiated a settlement that could unfairly knock out claims in the litigation in Boston.

The lawyers in the federal case contend they were not timely told about the negotiations in Oklahoma and that the attorneys there were engaging in "bad-faith procedural gamesmanship."

Orrick and Federman countered that the settlement negotiations in Oklahoma began in February, before Burroughs issued a key case management order that is in dispute.

Federman's filing accused class counsel of spinning a "false narrative." Orrick told Burroughs that Paycom wants to "put money in the pockets of the individuals whose data was impacted, and move on with business."

Burroughs has not yet said what further steps, if any, she will take as part of her review.

The case is In Re: MOVEit Customer Data Security Breach Litigation, U.S. District Court for the District of Massachusetts, No. 1:23-md-03083-ADB.

Read more:

Law firm Kirkland sued in class action over MOVEit data breach

MOVEit hack spawned over 600 breaches but is not done yet -cyber analysts

US health department, law firms latest hit in wide-ranging hack

Reporting by Mike Scarcella

</body></html>