Downing Street has launched an investigation after Theresa May’s travel plans were left on a train in the latest in a long line of security breaches caused by the mishandling of sensitive documents.

The prime minister’s schedule for a visit to the north-west in January, including the address of a hotel she was booked to work from, were found in the first-class coach of a train to Edinburgh and passed to the Daily Mirror.

The document also outlined plans for a call to the Nato secretary general, Jens Stoltenberg, and arrangements for a “treasurers’ dinner” in Altrincham.

A government spokesman said: “We have been made aware of claims around a government document and will investigate accordingly.”

May had flown from RAF Northolt, west London, to Manchester before heading to a science park in Warrington for the 23 January visit.

After meetings and questions from the media, the plan was to travel by car to the Mere hotel in Knutsford and fly back to London after dinner.

Ken Wharfe, a former royal bodyguard, told the Mirror that leaving travel documents on a train was “inexcusable” and a “serious security breach”.

He said: “In today’s environment, it becomes a serious security matter when documents like this detailing the hourly movements of a protected person are misplaced. That’s just not acceptable.

“Theresa May is given this protection because she is a target and so, of course, this is a serious security risk. These papers give a detailed assessment of her movements. Had such information reached potential terrorists it could serve to confirm their plans.

“But also, importantly, it would highlight the lapse and suggest to those with such terrorist intentions the weakness surrounding their potential target.”

The prime minister’s mislaid travel plan is the latest security breach involving the clumsy handling of sensitive documents.

In 2011, the then international development secretary, Andrew Mitchell, was photographed coming out of Downing Street carrying documents relating to the conflict in Afghanistan.

In 2009 Bob Quick, Britain’s most senior counter-terrorism officer, was forced to stand down after being photographed carrying open documents into Downing Street in a leak that prompted an anti-terror operation to be brought forward.

In 2008 a senior civil servant pleaded guilty to breaching the Official Secrets Act after leaving top-secret documents on al-Qaida and Iraq on a train.

Earlier that year, the Ministry of Defence was forced to contact MI5 and MI6, as well as banks and individuals, after the theft of a laptop from a car. The computer held the personal details of 600,000 Royal Navy, Royal Marine and RAF recruits, and other people who had applied to join the services.

In 2007, HMRC lost computer discs carrying the full details, including bank account numbers, of 25 million child benefit claimants.