Almost 50 million Facebook users have been left exposed by a security flaw.
The company said attackers were able to exploit a vulnerability in a feature known as "View As" to gain control of people's accounts.
The breach was discovered on Tuesday and Facebook said it has informed police.
Users that had potentially been affected were prompted to re-log-in on Friday but the company said users did not have to change their passwords.
The firm's vice-president of product management Guy Rosen said the flaw has been fixed, adding that all affected accounts had been reset.
Another 40 million accounts had been reset "as a precautionary step".
Facebook - which saw its share price drop more than 3 per cent on Friday - has more than two billion active monthly users.
The firm would not say where in the world the 50 million users are but it has informed Irish data regulators, where Facebook's European subsidiary is based.
"Since we've only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed. We also don't know who's behind these attacks or where they're based, " Mr Rosen said.
"People's privacy and security is incredibly important, and we're sorry this happened."