Facebook could face a fine of up to £1.25 billion after at least 50million of its accounts were hacked.

Criminals exploited a security flaw to access the accounts, putting huge amounts of sensitive, personal information at risk.

But Facebook only announced the breach on Friday, three days after it happened –and was last night still unable to say how many British accounts had been affected.

Facebook said yesterday they had discovered a data breach in which hackers had stolen 'access tokens' to force their way into tens of millions of accounts

A screen grab taken from Facebook of a warning message sent to users after the social network said it had recently discovered a security breach affecting nearly 50 million users

As the hunt for the hackers continued, the Irish Data Protection Commissioner – which regulates the web giant’s European data compliance as it is headquartered in Dublin – criticised the company, saying: ‘The notification lacks detail.’

Facebook is now bracing itself for a massive fine under new European Union data laws that can require firms to pay out up to four per cent of its global turnover. Facebook generated £31.2 billion in revenue last year.

The crooks gained access to accounts through Facebook’s ‘view as’ feature which allows users to see what their profiles look like when others view them.