Bloomberg Law
Privacy & Cybersecurity
LinkedIn

Orrick Gains Approval for $8 Million Settlement in Breach Suit

Nov. 8, 2024, 6:36 PM UTC
Cassandre Coyer
Cassandre Coyer

Orrick, Herrington & Sutcliffe LLP gained approval for a $8 million agreement resolving claims its lack of reasonable security measures allowed a 2023 data breach that exposed the personal information of nearly 153,000 people.

Judge Susan Illston of the US District Court for the Northern District of California approved the settlement at a hearing Friday, congratulating both parties on the efficiency of the case. Illston said she’ll issue an order on attorneys’ fees shortly.

Plaintiffs sued Orrick last year in a series of complaints accusing the law firm of failing to implement reasonable protections to safeguard its computer systems, enabling a March 2023 data breach. The cyber incident exposed names, addresses, dates of birth, and Social Security numbers, the complaints said.

Four complaints were ultimately consolidated in December.

In May, Illston preliminarily granted a motion for settlement requiring Orrick to pay $8 million into a non-reversionary settlement fund.

Plaintiffs’ counsel asked for a 25% award from the settlement for attorneys’ fees, pointing to the “excellent result” obtained in a “good time frame.”

Class members are entitled to cash payments of up to $2,500 for out-of-pocket expenses, $7,500 for extraordinary losses, $25 per hour for up to five hours of attested time (for a total of $125), an alternative cash payment of $75, and $150 for class members with California Consumer Privacy Act claims, according to the motion for preliminary approval of the settlement.

Affected individuals are also entitled to seek three years of additional credit monitoring, the filing said.

Plaintiffs’ counsel said at the hearing they’ve received tens of thousands of claims so far, noting that they expect additional claims to keep coming in.

Green and Noblin PC and Federman & Sherwood represent the plaintiff and proposed class. Alston & Bird LLP represents Orrick.

This case is In Re: Orrick, Herrington & Sutcliffe, LLP Data Breach Litigation, N.D. Cal., No. 3:23-cv-04089, motion for final settlement approval heard 11/8/24.

To contact the reporter on this story: Cassandre Coyer in Washington at ccoyer@bloombergindustry.com

To contact the editors responsible for this story: James Arkin at jarkin@bloombergindustry.com; Adam M. Taylor at ataylor@bloombergindustry.com

Learn more about Bloomberg Law or Log In to keep reading:

Learn About Bloomberg Law

AI-powered legal analytics, workflow tools and premium legal & business news.

Already a subscriber?

Log in to keep reading or access research tools.