Breaches in data security, including two cyber attacks, in the last three years have cost Lancashire County Council £51,000 in compensation payments.

The authority has revealed it has suffered 19 personal data breach incidents since 2021.

The compensation payout total is the third highest figure of all county councils in the UK.

The figures for the authority - which provides services including adult and children's social care, education and highways to 12 districts including Hyndburn, the Ribble Valley, Burnley, Pendle and Rossendale - were revealed after an investigation by DataBreachClaims.org.uk (DBC).

Its Freedom of Information requests to all England's county councils have revealed a stark increase both in terms of human error and cyber-attacks across UK councils.

Data breach expert at DBC, Eleanor Coleman, said: “This rise is worrying and we hope that organisations are ensuring that they have sufficient security in place to protect people’s personal information.”

Councils are expected to collect, store, use, share and dispose of personal information or data about individuals in line with General Data Protection Regulation (GDPR) and the Data Protection Act (DPA).

According to the Information Commissioner’s Office, cyber attacks on local authority systems increased by 24 per cent between 2022 and 2023.

Personal data breaches reported by local governments soared by 58 per cent in the same time period.

Lancashire Council confirmed it suffered a total of 19 personal data breach incidents since 2021.

A total of seven incidents were recorded between 2021/22, followed by another seven breaches the following year.

Between 2023 and March 2024, five incidents were logged.

The authority disclosed two cyber attacks in the past three years, both in 2022/23.

It confirmed a total of £51,099.25 has been paid out in compensation for data breach claims since 2021.

Ms Coleman says: “We have noticed an increase in data breaches generally over the last year, both in terms of human error and cyber-attacks.

“We understand this is worrying and hope organisations are ensuring they have sufficient security in place to protect people’s personal information.”

A spokesperson for Lancashire County Council said: “Safeguarding data is extremely important to us.

"Any suspected security incidents are reported immediately and investigated by the council, and as required referred to the Information Commissioner’s Office.

"The regulator has always been satisfied with the council's response.

"We have robust measures in place which we continually review in light of increasingly sophisticated cyber-attacks."