M&T Bank's Motion to Vacate Transfer Order in Data Breach MDL Should Be Denied, Says PSC

Progress Software Corp. (PSC) requested that the Judicial Panel on Multidistrict Litigation deny M&T Bank’s motion to vacate conditional transfer order 31 in In Re: MOVEit Customer Data Security Breach Litigation, said its response (docket 3083) Wednesday to M&T’s motion. The M&T cases at issue – Twoguns v. M&T Bank and Wormack v. M&T Bank -- involve the May data breach in PSC’s MOVEit file transfer software. Like other cases, M&T’s cases allege the compromise of plaintiffs’ personally identifiable information (PII), said the response, and the panel has already found that the MOVEit vulnerability is at the core of all cases in the MDL, making it “impossible” to “disentangle the allegations against Progress … from the allegations against other defendants,” it said. M&T argues its cases are “somehow different” from others in the MDL for reasons the panel has “already considered and rejected,” the response said. M&T argues in its motion to vacate that transfer isn't warranted because the cases don’t share common factual issues with the MDL and transfer will be inefficient and inconvenient for the parties, said the filing. M&T also argues that the actions involve third-party vendors; “supposedly do not involve the exposure” of PII; PSC isn’t named as a party in the actions; the M&T actions involve “unique issues and create no risk of inconsistent rulings"; the actions won’t create duplicative discovery; transfer would force M&T to litigate against direct competitors; and the parties oppose centralization in the MDL, said the response. “Each of these arguments has either been considered and rejected by the Panel or ignores the realities of the cases in MDL, which are similarly situated, for the purposes of centralization, with the M&T Actions,” said PSC’s response.