LAKE FOREST, Ill. — Shred-it’s ninth annual Data Protection Report finds that more than half of all C-suite executives (53%) and nearly three in 10 small business owners (28%) who suffered a breach reveal that human error or accidental loss by an external source, including vendors, was the cause of the data breach.

The annual report, formerly known as The Security Tracker: State of the Industry Report, was designed information and data security risks currently threatening U.S. enterprises and small businesses and includes findings from a survey conducted by Ipsos.

When assessing additional causes of data breaches, the report found that nearly half of all C-suites (47%) and one in three small business owners (31%) say human error or accidental loss by an employee or insider was the cause.

What’s more, one in five C-Suites (21%) and nearly one in three small business owners (28%) admit deliberate theft or sabotage by an employee or other insider was the cause of the data breach, compared to two in five C-Suites (43%) and one in three small business owners (31%) who say deliberate theft or sabotage by an external source caused their organization to suffer a data breach.

“For the second consecutive year, employee negligence and collaboration with external vendors continues to threaten the information security of U.S. businesses,” said Ann Nickolas, senior vice president of Stericycle, the provider of Shred-it information security solutions. “New to this year, however, is that the report revealed how deliberate sabotage by both employees and external partners are very real risks organizations face today. The consequences of a data breach are extensive and are not limited to legal, financial and reputational damage. As the report showed, data breaches can affect employee retention too.”

While the result of a data breach can have a variety of consequences on U.S. businesses, one of the most important factors is that a breach has an immediate effect on employee trust in an organization. In fact, one-third (33%) of the U.S. workforce say they would likely look for a new job if their employer suffered a breach of customer (31%) or employee data (35%).

Additionally, nearly half of all consumers (47%) would wait to see how a business reacts to a data breach they’ve suffered before making up their mind about what to do, nearly one in four consumers (23%) would stop doing business with the company and nearly one-third (31%) would tell others about the breach.

To download the full report, click here.