Plaintiffs in MOVEit Case vs. Genworth Oppose Motion to Transfer to MDL
Gilbert Hale, Linda Hale and Alan Wooten, plaintiffs in Hale v. Genworth Financial, oppose movant Bruce Bailey’s motion to transfer and consolidate all related actions in MOVEit Customer Data Security Breach Litigation and transfer them to the U.S. District Court for the District of Minnesota, said their Thursday filing (docket 3083) before the U.S. Judicial Panel on Multidistrict Litigation.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Genworth “improperly sought to tag several actions against Genworth as related actions in this MDL, including Hale,” the plaintiffs said. Because the litigation against Genworth will be primarily focused on the insurer’s actions and inactions on its data breach, centralization of its actions should be denied for the same reasons the JPML denied centralization in Accellion v. Customer Data Security Breach Litigation, said the filing.
Bailey filed a class action in July in the District of Minnesota, alleging claims arising from the May MOVEit software data breach, naming Progress Software (PSC), producer of the MOVEit software, and Pension Benefit Information (PBI) as defendants; the next day he filed a motion for centralization and transfer of related actions to the Minnesota court. The motion sought only to consolidate and transfer other actions naming original defendants PSC and PBI (see 2307120053).
After Bailey’s filing of the MDL motion, Genworth customers filed several cases against the insurer, alleging it failed to adequately protect its customers’ information, said the Hale filing. All were filed in the Eastern District of Virginia “and none of which name any of the original MDL Defendants,” the motion said; they were all tagged by Genworth as “related” to MDL 3083. Subsequent filings by Bailey and Genworth sought to "sweep the Genworth cases into a proposed sprawling MDL to include every customer of PSC’s MOVEit software that suffered a data breach," said the filing.
A plaintiff voicing similar concerns, Carlos Harding, filed an interested party response this month about his Aug. 8 class action against Maximus (see 2308160045). Harding urged the JPML to deny Bailey’s motion for transfer and centralization of related actions involving the MOVEit breach that only named Maximus and Maximus Federal Services. Harding said if the JPML considers “defendant-specific MDLs," it should centralize the Maximus cases in the Eastern District of Virginia.
Bailey's original motion didn't seek centralization of any cases against Genworth but in subsequent filings, he “vastly expands the scope of the centralization he seeks to include all actions stemming from breaches that involved the MOVEit software vulnerability, even those that do not name any of the MDL Defendants,” said the Hale opposition.
Genworth tagged all cases naming Genworth, only one of which names an MDL defendant following an amendment, and it argues PSC, as seller of MOVEit, “is responsible for Genworth’s failed data security." Genworth's arguments "should be rejected based on the underlying facts, and the Panel’s now well-established precedent,” the filing said. There's no basis to centralize the Genworth cases “into an unbounded MDL involving potentially scores or hundreds of defendants simply because they all happened to use the same software,” said the Hale plaintiffs. “Just as there is no support for a 'global' MDL, there is also no need for centralization of defendant-specific MDLs," it said.
Of the six pending MOVEit cases against Genworth, five are pending in the Eastern District of Virginia, the filing said. The Hale plaintiffs anticipate those cases “may be informally coordinated or consolidated in the Eastern District of Virginia without the need for an MDL." Given the panel’s “deference to informal coordination, no defendant-specific MDL for Genworth is needed here,” it said. Genworth is headquartered in Richmond, Virginia.
If Hale Plaintiffs need discovery from PSC, such discovery could be informally coordinated, said the filing. The “far more time-consuming, and important discovery” will be those Hale plaintiffs seek from Genworth, “namely depositions of Genworth executives and employees, including cybersecurity officers and those in charge of protecting the class’s private data,” it said.
Litigating unrelated claims against “potentially hundreds of varying defendants that happened to use the MOVEit software in one consolidated action will create significant inefficiencies as the transferee court and the parties will constantly have to sort out which issues overlap and which do not,” said the filing: “It will also multiply the parties and counsel involved in a manner that is contrary to the goals of centralization.”