The Irish Data Protection Commission announced an investigation on a Facebook security breach that affected 600 million of user passwords.

The social media platform confirmed that dozens of thousands of employees had access to 600 million unencrypted user passwords, which made them easy to read and access.

The IDCP – who was put in charge of the case due to the fact that Facebook’s European headquarters are located in Dublin – pointed out the fact that the social media platform has provided all available data related to the security breach.

As a consequence, an investigation has been opened to determine whether Facebook violated the E.U.’s General Data Protection Regulation laws.

A spokesperson for the social media platform commented that “they are collaborating with the IDCP’s investigation” while remarking on the fact that there “is no evidence” that proves that “the internally-stored passwords” were “subject to abuse” or had been “unlawfully accessed.”

Last month, Facebook admitted that the affected data was, for years, stored by the California-based Menlo Park company, where it had no encryption, a common-use tool when it comes to managing tech industry passwords. This means that anyone with access to them could read them.

Mark Zuckerberg’s company warned that the breach could have affected millions of Facebook Lite users, a lighter version of the app meant for older devices and slower internet connections, as well as users of both Facebook and Instagram.

Likewise, the social media platform assured everyone that the problem was solved as soon as it was detected, back in January. Meanwhile, an internal investigation determined that the passwords never left their databases and that no staff member made inappropriate use of them.

This isn’t the first time the IDCP investigates Facebook security breaches. Just last year, an attack by cyber-pirates affected around 50 million users of the social media platform.