After bookstore chain Indigo suffered a ransomware attack, current and former employees are concerned about their personal information being exposed on the dark web, Global News reports. In light of other cyberattacks of Canadian businesses like Sobeys, questions from employees have risen over their legal recourses if their data is stolen in a breach, which typically target customer data. A recent Ontario Court of Appeal ruling made it harder for individuals to file class-action lawsuits against companies that sustain data breaches. Only employee data in federally regulated industries is protected under the Personal Information Protection and Electronic Documents Act.