A Freedom of Information request has revealed that Avon and Somerset Police experienced more than 250 data breaches in the last three years. Data compiled by Data Breach Claims UK indicates there have been 263 breaches since 2022, with 121 occurring during the 2023/24 period alone.
Data breaches involve the unauthorized destruction, alteration, or loss of personal information, such as addresses or phone numbers. Avon and Somerset Police stated that the majority of these breaches stem from accidental sharing of data among officers and staff and do not involve disclosures outside the force.
Bethan Simons, solicitor at JF Law, emphasized the serious consequences of such breaches: “Information leaks can lead to identity theft, fraud, harassment, and significant emotional distress. If the police’s negligence caused a breach resulting in financial or emotional harm, affected individuals may be entitled to pursue legal claims. It is important to seek legal advice promptly.”
READ MORE: Concerns Raised Over Remote Working After Baby’s Death at Somerset Maternity Unit
READ MORE: Plans Unveiled for New Somerset Care Home Featuring Sensory Garden
Breaking down the incidents, 94 breaches occurred in 2022/23, 121 in 2023/24, and 48 so far in 2024/25. Compromised information accounted for nearly two-thirds of the breaches (172 cases). Only three incidents (1.1%) were linked to illegal activity.
Speaking to Somerset Live, Avon and Somerset Police reiterated that most breaches involved internal sharing errors, not external leaks. A spokesperson said: “We acknowledge our responsibility to protect data and are encouraged by the reduction in breaches last year. Most incidents arose from procedural errors during internal data sharing. Sensitive information is strictly accessible to authorized personnel only.”
To combat these issues, the police force has implemented extensive staff training on data handling, privacy, and breach reporting. Records are encrypted and securely stored, with regular audits conducted to identify potential risks. A dedicated team continuously works to strengthen policies and raise awareness.
The spokesperson added: “Each breach is carefully evaluated following Information Commissioner’s Office (ICO) guidelines and our internal protocols to ensure an appropriate response. The ICO recently reviewed our processes and praised their clarity and our proactive approach to reporting breaches.”
Bethan Simons also highlighted that many breaches are due to human error rather than cyberattacks. Examples include misdirected emails, documents sent to wrong recipients, lost or stolen devices containing data, and accidental publication of sensitive information. Internal misuse, such as unauthorized access or failure to redact details, also contributes to breaches.
“To prevent such incidents, police forces must prioritize comprehensive staff training, enforce encryption protocols, and maintain strict policies on data sharing and retention,” she advised.
Individuals who believe they have been affected by police data breaches are encouraged to contact Data Breach Claims UK for advice and potential claims.