A previously unheard of data breach has left millions of employees who use workplace vending machines vulnerable to having their personal data used for cybercrime. Who is accountable to the employees and how will they recover from possible theft as a result of the breach?