Two police forces in England have admitted mishandling the sensitive data of victims, witnesses and suspects in cases including domestic abuse incidents, sexual offences, assaults, thefts and hate crime.

Norfolk and Suffolk police said the data of 1,230 people was included in files responding to freedom of information requests and apologised.

The Information Commissioner’s Office said both forces had been placed under formal investigation, which could result in fines.

In a statement the forces said there was no evidence anyone had clicked on links to read the files.

It is the latest data disaster to hit policing, with blunders admitted in the last week by the Police Service of Northern Ireland – the most serious, which has left officers fearing for their lives – and by Cumbria police.

The Norfolk and Suffolk forces, which share some back-office services to cut costs, said in a statement: “Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to freedom of information (FoI) requests for crime statistics, issued between April 2021 and March 2022.

“A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FoI requests. The data was hidden from anyone opening the files, but it should not have been included.

“The data … includes personal identifiable information on victims, witnesses and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.”

Police said the 1,230 people affected would be contacted by September. A specialist team of officers and staff have been diverted to the issue from their normal duties.

Both forces added: “Strenuous efforts have been made to determine if the data released has been accessed by anyone outside of policing. At this stage we have found nothing to suggest that this is the case.”

Eamonn Bridger, a temporary assistant chief constable speaking for both forces, said: “We would like to apologise that this incident occurred, and sincerely regret any concern that it may have caused. I would like to reassure the public that procedures for handling FoI requests … are subject to continuous review to ensure that all data under the constabularies’ control is properly protected.”

Stephen Bonner of the ICO said: “It’s too soon to say what our investigation will find, but this breach – and all breaches – highlights just how important it is to have robust measures in place to protect personal information, especially when that data is so sensitive.

“We are currently investigating this breach and a separate breach reported to us in November 2022. In the meantime, we will continue to support organisations to get data protection right so people can feel confident their information is secure.”