Updated 4:50 p.m. ET with a statement from Cambridge Analytica.
Facebook is already in big trouble with government regulators and American users who want to know just how much data the social network has on them after disclosing that a political consulting firm, Cambridge Analytica, had improperly collected 50 million Facebook users’ data to target political ads for Donald Trump.
Now Facebook has revealed that the situation is even worse: It was actually 87 million users whose profiles were mined for data by Cambridge Analytica.
In a statement on Twitter, Cambridge Analytica said it only accessed 30 million users' profiles, not 87 million. Facebook CEO Mark Zuckerberg in a call with reporters on Wednesday (April 4) said 87 million is the maximum number of Facebook users that could have been accessed by Cambridge Analytica.
Facebook buried the news at the bottom of an announcement about new API rules. APIs are the tools developers use to create products, and the network is now tightening the limits placed on developers who want to access Facebook users’ information, even if users give those developers permission. Cambridge Analytica itself didn’t use Facebook’s APIs to gather user data, but it did buy data collected from an app that used those APIs.
On Monday, April 9, Facebook will start displaying a message at the top of the News Feed to users whose information was collected by Cambridge Analytica. Users will also be able to see which apps they share information with and can disconnect their Facebook profiles from those apps.
What to Do
There isn’t much you can do about who got a hold of your information in the past, but you can take a few steps to protect your data going forward. Cut off access to all the apps, including the silly games and quizzes you entertained yourself with years ago and have long since forgotten. They still have access to your account. Start there, then fine-tune your Facebook privacy settings, which have been overhauled.
Or Maybe it’s time to delete Facebook altogether.
More Bad News
Another troubling nugget in Facebook’s announcement was the disclosure that “most people on Facebook could have had their public profile scraped” by “malicious actors” who abused the site’s search and account recovery features.
Those tools allowed people to enter another user’s phone number or email address into the search bar to find them. The phone number and email address account look-up feature has now been turned off, but if your profile is set to public, Facebook has said that your profile may have been scraped by a nefarious developer.
Protect Your Identity
Get it. IdentityForce UltraSecure+Credit is the best overall service for both credit monitoring and identity protection. It also protects your account with two-factor authentication.
Best Data Monitoring
It's worth it. Get LifeLock Ultimate Plus if you're very worried about having your identity stolen and you also need antivirus software. But you can get better credit monitoring for less with IdentityForce UltraSecure+Credit.
Good, but not the best. Identity Guard isn't bad, but for about the same price, IdentityForce UltraSecure+Credit offers more comprehensive personal-data and credit-file monitoring.