Facebook has admitted that Cambridge Analytica, the marketing firm that claimed to have swung the US presidential election for Donald Trump, was able to access the details of 87 million Facebook users - not 50 million.
Facebook's chief technology officer Mike Schroepfer made the admission overnight. He suggested that Cambridge Analytica may have had data of up to 87 million Facebook users.
This has prompted Facebook to take action to limit how much data third-parties can scrape from its social network via legitimate APIs.
"We believe these changes will better protect people's information while still enabling developers to create useful experiences. We know we have more work to do — and we'll keep you updated as we make more changes," said Schroepfer.
But continuing with what would seem like an admission of guilt over the Cambridge Analytica scandal, Facebook founder and big boss Mark Zuckerberg has said his company didn't do enough to prevent the abuse of the harvested data.
"It's clear now that we didn't focus enough on preventing abuse," he said in an interview with the press. "We didn't take a broad enough view of what our responsibility is. That was a huge mistake, and it was my mistake.
"Knowing what I know today, clearly we should have done more," he said.
Zuckerberg is taking full responsibility for the mistake and said that no Facebook employees have been fired over the scandal, although he still believes he's the best guy to run Facebook, despite the hammering the company's stock price has taken as the scandal as unfolded.
"Life is about learning from the mistakes and figuring out what you need to do to move forward," he said.
However, keeping the platform more secure will be a challenge: if the company tightens up its data sharing practices, it will almost certainly be targeted by hackers.
"You never fully solve security. It's an arms race," Zuckerberg said. "I'm confident that we're making progress against these adversaries, but they're very sophisticated."
Zuckerberg's somewhat belated interviews and admissions of responsibility come ahead of a grilling he is expected to receive from US congressmen, although he snubbed a similar request to give evidence before a House of Commons committee.
NCSC head Ciaran Martin points the finger of blame for the wave of cyber attacks targeting the UK at Russia, China, North Korea and Iran
The 'modus operandi' of Magecart 5 is very different from other, similar threat groups, according to Malwarebytes
Micrososft's Secured-Core PCs intended to put a stop to UEFI rootkit shenanigans
Samsung Galaxy S10 smartphone allows anyone to unlock devices when covered in third-party screen protectors
Lackadaisical security around apps for Amazon and Google personal assistants could enable malicious attackers to v-phish for passwords or eavesdrop on households