U.S. law firm Orrick, Herrington & Sutcliffe announced its ongoing efforts to reach a settlement with plaintiffs involved in a class action related to a data breach that occurred in March 2023, compromising personal information of individuals associated with the firm’s clients.
In a court filing submitted in the San Francisco federal court, Orrick disclosed that it had arrived at a preliminary agreement to settle four consolidated lawsuits representing hundreds of thousands of alleged victims affected by the breach.
The court documents did not provide details on the settlement terms. In a released statement, Orrick expressed regret for the “inconvenience and distraction” caused by the malicious incident and announced its commitment to swiftly resolving the matter within a year of the breach.
The firm emphasized its continued focus on enhancing system security and safeguarding client and firm information.
Orrick confirmed that both parties are in the process of finalizing the settlement agreement, which is anticipated to be presented for approval to U.S. District Judge Susan Illston.
The firm expects to conclude the settlement terms within the next 15 days.
William Federman, legal representative for the plaintiffs, declared the pending settlement as “fair and reasonable” and asserted that it would resolve all outstanding litigation stemming from the data breach.
The lawsuits were initiated by individuals whose data had been gathered by Orrick’s clients, such as Delta Dental of California and EyeMed Vision Care, and subsequently compromised in the security breach.
According to one of the cases, hackers allegedly gained unauthorized access to files held by Orrick, compromising the personal details, including names, addresses, dates of birth, and Social Security numbers of more than 460,000 individuals.
Orrick stated that the proposed settlement would comprehensively address all claims arising from the breach.
In a court filing, plaintiff Dennis Werley of Stockdale, Texas, reported receiving spam phone calls disclosing sensitive personal information about him, which he attributed to Orrick’s data breach.