European Union data protection authorities said they had serious concerns about WhatsApp’s recent change in privacy policy in which it would share users’ phone numbers with Facebook, its first change in policy since Facebook bought the messaging service.

The authorities, known as the Article 29 Working Party, “requested WhatsApp to communicate all relevant information to the Working Party as soon as possible and urged the company to pause the sharing of users’ data until the appropriate legal protections could be assured.”

A spokeswoman for WhatsApp said the company was working with data protection authorities to address their questions.

“We’ve had constructive conversations, including before our update, and we remain committed to respecting applicable law,” she said.

The watchdogs also wrote to Yahoo (YHOO) over a massive data breach that exposed the email credentials of 500 million users, as well as its scanning of customers’ incoming emails for specific information provided by U.S. intelligence officials.

They asked the company to communicate all aspects of the data breach to the EU authorities, to notify the affected users of the “adverse effects” and to cooperate with all “upcoming national data protection authorities’ enquiries and/or investigations.

“Yahoo was invited to provide information on the legal basis and the compatibility with EU law of any such activity,” the watchdogs said in a statement regarding the email scanning.

The Yahoo and WhatsApp cases will be discussed by regulators in November.