Facebook Says Personal Info of 87 Million Exposed: What to Do Now

Updated 4:50 p.m. ET with a statement from Cambridge Analytica.

Facebook is already in big trouble with government regulators and American users who want to know just how much data the social network has on them after disclosing that a political consulting firm, Cambridge Analytica, had improperly collected 50 million Facebook users’ data to target political ads for Donald Trump.

Now Facebook has revealed that the situation is even worse: It was actually 87 million users whose profiles were mined for data by Cambridge Analytica.

In a statement on Twitter, Cambridge Analytica said it only accessed 30 million users' profiles, not 87 million. Facebook CEO Mark Zuckerberg in a call with reporters on Wednesday (April 4) said 87 million is the maximum number of Facebook users that could have been accessed by Cambridge Analytica.

Credit: Getty Images

(Image credit: Getty Images)

Facebook buried the news at the bottom of an announcement about new API rules. APIs are the tools developers use to create products, and the network is now tightening the limits placed on developers who want to access Facebook users’ information, even if users give those developers permission. Cambridge Analytica itself didn’t use Facebook’s APIs to gather user data, but it did buy data collected from an app that used those APIs.

MORE: How to Stop Facebook From Sharing Your Data

On Monday, April 9, Facebook will start displaying a message at the top of the News Feed to users whose information was collected by Cambridge Analytica. Users will also be able to see which apps they share information with and can disconnect their Facebook profiles from those apps.

Facebook

Facebook

What to Do

There isn’t much you can do about who got a hold of your information in the past, but you can take a few steps to protect your data going forward. Cut off access to all the apps, including the silly games and quizzes you entertained yourself with years ago and have long since forgotten. They still have access to your account. Start there, then fine-tune your Facebook privacy settings, which have been overhauled.

Or Maybe it’s time to delete Facebook altogether.

More Bad News

Another troubling nugget in Facebook’s announcement was the disclosure that “most people on Facebook could have had their public profile scraped” by “malicious actors” who abused the site’s search and account recovery features.

Those tools allowed people to enter another user’s phone number or email address into the search bar to find them. The phone number and email address account look-up feature has now been turned off, but if your profile is set to public, Facebook has said that your profile may have been scraped by a nefarious developer.

Protect Your Identity

Caitlin is a Senior editor for Gizmodo. She has also worked on Tom's Guide, Macworld, PCWorld and the Las Vegas Review-Journal. When she's not testing out the latest devices, you can find her running around the streets of Los Angeles, putting in morning miles or searching for the best tacos.