AN INVESTIGATION has been launched after the personal details of almost 2,000 council workers were leaked in a major security breach.

Sensitive data including bank account details, addresses and national insurance numbers of employees and councillors at East Devon District Council were sent to a private email address by a former manager.

Councillors have described the incident as "disturbing" and trade union representatives are advising workers on how to deal with the situation.

Fraud experts have been drafted in to help with the investigation and the findings are expected to go to the police.

A helpline has also been set up for concerned workers.

Council bosses told the Echo a former senior manager, with access to payroll reports, sent a spreadsheet to a personal email address at home shortly before leaving his employment.

The council says the incident was "unauthorised" and affects 1,891 staff, councillors, employees of Leisure East Devon and pensioners formerly employed at the council.

They have stressed no details belonging to council tax or business rate payers were included in the breach.

Exmouth councillor Eileen Wragg, who has been affected by the incident, said: "It is very disturbing. There has to be trust between officers, staff and councillors.

"I suppose all we can do is wait for the outcome of the investigation as to whether any criminal offence has been committed.

"It is not a nice feeling knowing someone has such personal data about you."

The council has reported the incident, which happened around Monday, August 16, to the Information Commissioner, who has launched an investigation.

Mark Williams, chief executive of East Devon District Council, said: "We recently became aware of an incident that has breached the council's information security policy.

"Experts are checking to ensure no fraudulent use has been made of the information in question.

"We have informed all individuals affected by this breach.

"We have employed the services of a fraud prevention service and there is a helpline for any concerned individuals to phone if they wish to do so.

"Due to the very serious nature of this incident, we have taken all possible steps to ensure the risk to individuals are minimised and that the data remains confidential. While this is an extremely regrettable incident, nothing of this type has happened before at EDDC."

Union bosses are offering advice to workers caught up in the security breach.

Karen Williams, regional organiser for Unison, which represent about 200 workers at East Devon District Council, said the union had received several calls from concerned members.

"Members are worried about both the breach itself but also the consequences of the course of action they are being advised to take as a result of the incident," she said.

"We are concerned about whether adequate safeguards were in place at the council and whether the authority took appropriate steps under the Data Protection Act.

"We would encourage members to contact us and we will obtain independent legal advice for them."

The council says it has drafted in a forensic IT specialist to check the computer in question and ensure the data has been deleted. To protect the identity of those affected, the council has offered to register staff and councillors' details with the UK Fraud Prevention's protective registration service.

A spokesman for the Information Commissioner's Office said: "We have received a report from East Devon District Council regarding this incident.

"We will be looking into the breach and seeing what steps the council will be taking to make sure the breach doesn't happen again."