Facebook admits Cambridge Analytica hijacked data on up to 87M users

Facebook will warn 87 million users, mostly in the U.S, that their data “may have been improperly shared with Cambridge Analytica by apps that they or their friends used”, the company just announced. Facebook CTO Mike Schoepfer tells TechCrunch that Facebook will warn these users with a notice atop the News Feed with information about what data of theirs might have been attained, and what they should do now. It will also show its new bulk app permissions removal tool atop the feed.

Schroepfer says that 87 million is the maximum number of users impacted, up from initial reports from the New York Times of 50 million people effected, as Facebook isn’t positive of how many people had their data misused. It likely doesn’t want to low-ball and have to revise the number upward later, as it did when it initially reported the Russian election interference ads were seen by 10 million users and later had to admit to congress it was actually 126 million when organic posts were included. Mark Zuckerberg plans to take questions from reporters about the changes during a 1:00pm Pacific conference call on the subject.

The changes come as part of a slew of announcements in the wake of the Cambridge Analytica scandal including new restrictions on Facebook API use and the immediate shut down of the old Instagram API that was slated for July, but which started to break developers’ apps this week. Facebook is now undergoing a deep audit of app developers that pulled a lot of data or that look suspicious, and Schroepfer promises Facebook will make further disclosures if it finds any situations similar to the Cambridge Analytica fiasco.

Facebook is trying fix its broken data privacy after a developer named Dr. Aleksandr Kogan used the platform to administer a personality test app that collected data about participants and their friends. That data was then passed to Cambridge Analytica where it may have been leveraged to optimize political campaigns including that of 2016 presidential candidate Donald Trump and the Brexit vote, allegations which the company itself vehemently denies. Regardless of how the data was employed to political ends, that lax data sharing was enough to ignite a firestorm around Facebook’s privacy practices.

Following the Cambridge Analytica revelations, the company’s stock dropped precipitously, wiping more than $60 billion off its market capitalization from its prior period of stable growth. At the time of writing, Facebook was trading at $153.56.

Facebook’s core leadership was slow to respond to the explosion of negative attention, though Zuckerberg and Sandberg broke that silence with a flurry of media appearances, interviews and print ads. The company also came under the scrutiny of Congress once more and that pressure, which came from subcommittees in both the House and Senate and from both political parties, appears to have paid off. Zuckerberg is expected to testify before the House Energy and Commerce Committee, just one of the several powerful committees calling for him, on April 11.

While it’s certainly unfortunate that it took mishandling user data on a large scale to do so, the incident has become the straw that broke the Facebook camel’s back when it comes to privacy — and that appears to be catalyzing change. Schroepfer tells TechCrunch Facebook is now lifting every rock to find any other vulnerabilities that could be used to illicitly access or steal people’s information. Now we’re getting changes that should have been in place years ago that could make Facebook a safer place to network for users concerned about how the company handles their private data.

For more on Facebook’s recent scandals and changes, read our other coverage: