A recent Freedom of Information request has uncovered that Avon and Somerset Police experienced over 250 data breaches in the last three years. According to Data Breach Claims UK, a total of 263 breaches occurred since 2022, with 121 incidents reported during the 2023/24 period alone.
Data breaches typically involve the accidental destruction, alteration, loss, or unauthorized disclosure of personal information, such as addresses or phone numbers. Avon and Somerset Police clarified that the majority of these breaches involve internal errors, specifically the mistaken sharing of information among officers and staff, with no indication that data was shared outside the force.
Bethan Simons, a solicitor at JF Law, emphasized the serious consequences of such breaches: “Information leaks can lead to identity theft, fraud, harassment, and significant emotional distress. If a police data breach causes financial or emotional harm, victims may have grounds to pursue legal action and should seek advice promptly.”
READ MORE: Ilminster Housing Plan Moves Forward with Hedgerow Removal and Biodiversity Gains
READ MORE: Plans Submitted for New Somerset Care Home Featuring Sensory Garden
Breaking down the figures, 94 breaches occurred in 2022/23, 121 in 2023/24, and 48 in 2024/25. Most breaches (172 cases, nearly two-thirds) involved compromised information, while only three cases (1.1%) were classified as unlawful activity.
Avon and Somerset Police issued a statement acknowledging their responsibility: “We have seen a significant reduction in breaches last year, largely due to improved procedures. The vast majority stem from human error within the force rather than external data sharing.”
The force highlighted ongoing efforts to strengthen data protection, including mandatory training on data handling and breach reporting for all personnel, encryption and secure storage of records, regular audits, and the oversight of a dedicated data protection team. A recent assessment by the Information Commissioner’s Office (ICO) praised their clear, well-structured procedures and proactive breach reporting.
Bethan Simons added that many breaches arise not from cyberattacks but from human mistakes such as misdirected emails, lost devices, or accidental public data exposure. She stressed the need for police forces to implement rigorous data protection policies, comprehensive staff training, encryption measures, and strict controls on data sharing and retention.
Anyone concerned about being affected by a police data breach is encouraged to contact Data Breach Claims UK for advice on potential claims.