Australians were caught in the latest Facebook hack and government officials have questions for the company

Facebook co-founder, Chairman and CEO Mark Zuckerberg. Chip Somodevilla/Getty Images

Australian authorities are investigating the Facebook hack.

The Office of the Australian Information Commissioner (OAIC) says it has been notified by Facebook of an incident involving the security of Facebook accounts.

Australian users are reporting being kicked out of Facebook and then having to log in again.

Nearly 50 million people were affected by the hack, and Facebook reset the accounts of another 40 million users as a “precautionary step”.

“The OAIC is making inquiries with Facebook about the facts, including the number of Australians who may have been impacted by the incident,” a spokesman said.

The OAIC is also in contact with the Australian Cyber Security Centre about the incident.

Over the weekend Facebook revealed it had detected a security breach in which attackers gained access to the personal information of around 50 million Facebook users.

The hackers also gained access to personal information from third-party apps and services, like Tinder, Spotify, Airbnb and Instagram, which allow users to sign up using their Facebook login.

It remains unclear who was behind the attack and whether specific people were targeted.

But we know of at least two high-profile victims — Facebook CEO Mark Zuckerberg, and COO Sheryl Sandberg. A spokesperson confirmed to Business Insider that the company’s two top execs had been affected.

Facebook was hacked through a vulnerability in the site’s “View As” feature.

As a result, Facebook reset users’ accounts to protect their security. Nearly 50 million people were affected by the hack, and Facebook reset the accounts of another 40 million users as a “precautionary step.”

The fallout from the hack could cost Facebook dearly.

The tech giant faces fines as much as $US1.63 billion ($2.26 billion) by an EU privacy watchdog.

Ireland’s Data Protection Commission, Facebook’s lead regulator in Europe, says it’s asked for more information about the nature and scope of the hack, which may have violated the EU’s new privacy law called the General Data Protection Regulation.

Australia’s Notifiable Data Breaches scheme, which started in February this year, requires organisations to notify affected individuals whose personal information is involved in an eligible data breach.

The scheme has brought to light a series of major data breaches including the PageUp hack, which has exposed recruitment records of hundreds of thousands of Australian job seekers who made confidential online applications for jobs.