Providers: Email is main data breach culprit