The Data Protection Commission has begun an investigation into last week's Facebook data breach, in which around 50 million accounts were affected.
The commission said the investigation would examine the company’s compliance under GDPR to ensure the security of the personal data it processes.
It said that Facebook was continuing its own internal investigation into the breach.
The company said it was continuing to take remedial actions to mitigate the potential risk to users.
Facebook has said that around 50 million accounts were hit in last week’s data breach.
The Data Protection Commission said on Monday that it understands up to five million of the accounts that were hit were from the EU.
Facebook has assured the commission that it would be in a position to provide a more detailed breakdown of affected accounts soon.
It remains unclear how many accounts hit by the breach were in Ireland.
The issue arose when attackers exploited a vulnerability in the social network's code for "View As" - a feature that lets people see what their own profile looks like to someone else.
This enabled them to steal access tokens, which they could then use to take over people's accounts, the company said.