MANILA - The National Privacy Commission said Tuesday that it is awaiting word from Facebook on how many Filipinos were affected when the social media giant was breached by hackers last week.

Facebook revealed Friday that hackers exploited a trio of software flaws to steal "access tokens," the equivalent of digital keys that enable people to automatically log back into the social network.

• Facebook: Security flaw affected almost 50 million accounts

Hackers could have accessed users' private information, which may be used as a "jumping point" for other criminal activities, said NPC commissioner Raymund Liboro.

"Hinihintay natin iyung kasagutan sa ilan nga bang mga Pilipino ang naapektuhan sa pangyayaring ito ," he told radio DZMM.

(We are awaiting their answer on how many Filipinos were affected by this incident.)

"Clearly, failure on the part of security ng Facebook ito," he added.

(Clearly, this is a security failure on the part of Facebook.)

Watch more in iWantv or TFC.tv

• Pinoys urged to use tougher authentication after Facebook data breach

Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night.

"We don't know if any accounts were actually misused," Zuckerberg said. "This is a serious issue."

As a precaution, Facebook is temporarily taking down the "view as" feature -- described as a privacy tool to let users see how their profiles look to other people.

No passwords were taken in the breach, only "tokens," according to vice president of product management Guy Rosen.

Information hackers appeared interested in included names, genders, and home towns, but it was not clear for what purposes, the executives said in a telephone briefing.

The stolen tokens gave hackers complete control of accounts. Facebook is trying to determine whether hackers tampered with posts or messages.

Hackers could have also gotten into third-party applications linked to Facebook accounts, but it was too early to determine whether that happened, according to the social network.

Attackers would have been able to meddle with Instagram accounts lined to Facebook, but could not have tampered with the social network's WhatsApp messaging service, according to executives.

The breach is the latest privacy embarrassment for Facebook, which earlier this year acknowledged that tens of millions of users had personal data hijacked by Cambridge Analytica, a political firm working for Donald Trump in 2016.

• From hackers to political manipulation: The scandals bedeviling Facebook

"We face constant attacks from people who want to take over accounts or steal information around the world," Zuckerberg said on his Facebook page.

"While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place."

With a report from Agence France-Presse