Richard Thomas, the Information Commissioner, said he is "horrified" by the
number of data breaches organisations have admitted to over the last year and
has asked for more power to stop this happening in future.
In its annual report, the Information Commissioner’s Office (ICO) said between
2006 and 2007 there had been 24,000 enquiries and complaints regarding misuse of
personal information held by retailers, banks, public bodies and Government
departments.
From this number, one-third of these companies were found to have breached
the Data Protection Act (DPA) and of these three-quarters were asked to take
remedial actions such as implementing a data protection policy or training staff.
David Smith, Deputy Information Commissioner, told Computeractive: “If you
add together all the organisations who keep our information, it makes an
enormous amount. Our whole life would probably be on all these records if we put
them together.
“This is bad enough when they are on a business desktop computer but when
companies start printing out this data and throwing it in bins, or putting it
onto an unsecured laptop then the danger is greater.
"A National Insurance number in this case would be a key piece of information
which could be used to commit ID theft.”
Smith said the situation is so serious that the ICO needed to be given
stronger powers by the Government to crack down on errant organisations.
“We want to be able to walk into any organisation unannounced and check the
way they deal with their customer’s data. This means businesses would be kept on
their toes,” he said.
The ICO report found that internet firms generated the most complaints,
accounting for 13 per cent of the total. This was followed by banks and lenders
who received 12 per cent of complaints. Direct marketing and telecoms both
generated around a tenth.
A number of high-profile data breaches were highlighted to show the
seriousness of the situation. These included NHS and Social Services, which had
lost details such as National Insurance (NI) numbers and people's addresses when
notebook PCs were stolen.
Additionally, 12 high street banks were found guilty of discarding customers'
personal details including statements, cut up credit cards and loan applications
in unsecured bins.
The ICO does take action against companies if it finds them in breach of the
DPA, but is currently only allowed to carry out unannounced audits on
companies it has already prosecuted.
It wants to be given powers that would allow it to carry out surprise checks
against any company to ensure that the necessary security measures are in place.
Nick Herbert, Shadow Justice Secretary for the Conservative Party, agreed this
was necessary.
“The adequacy of penalties for serious breaches of the Data Protection Act
and unlawful use of personal information should now be reviewed," he said.
James Roper, chief executive at IMRG, also said more needed to be done.
“Retailers must begin to treat their customers' details with respect, they
must turn it around and think about how they would feel if their details were in
someone else’s hands,” he added.