Facebook has admitted that Cambridge Analytica, the marketing firm that claimed to have swung the US presidential election for Donald Trump, was able to access the details of 87 million Facebook users - not 50 million.
Facebook's chief technology officer Mike Schroepfer made the admission overnight. He suggested that Cambridge Analytica may have had data of up to 87 million Facebook users.
This has prompted Facebook to take action to limit how much data third-parties can scrape from its social network via legitimate APIs.
"We believe these changes will better protect people's information while still enabling developers to create useful experiences. We know we have more work to do — and we'll keep you updated as we make more changes," said Schroepfer.
But continuing with what would seem like an admission of guilt over the Cambridge Analytica scandal, Facebook founder and big boss Mark Zuckerberg has said his company didn't do enough to prevent the abuse of the harvested data.
"It's clear now that we didn't focus enough on preventing abuse," he said in an interview with the press. "We didn't take a broad enough view of what our responsibility is. That was a huge mistake, and it was my mistake.
"Knowing what I know today, clearly we should have done more," he said.
Zuckerberg is taking full responsibility for the mistake and said that no Facebook employees have been fired over the scandal, although he still believes he's the best guy to run Facebook, despite the hammering the company's stock price has taken as the scandal as unfolded.
"Life is about learning from the mistakes and figuring out what you need to do to move forward," he said.
However, keeping the platform more secure will be a challenge: if the company tightens up its data sharing practices, it will almost certainly be targeted by hackers.
"You never fully solve security. It's an arms race," Zuckerberg said. "I'm confident that we're making progress against these adversaries, but they're very sophisticated."
Zuckerberg's somewhat belated interviews and admissions of responsibility come ahead of a grilling he is expected to receive from US congressmen, although he snubbed a similar request to give evidence before a House of Commons committee.
David S. Wall, Centre for Criminal Justice Studies, University of Leeds outlines recent trends in cyber attacks across the public sector, and higher education specifically
API is one of those terms that people vaguely understand but skip over because it sounds complex, but in fact APIs are surprisingly straightforward and very useful
The new capability allows Azure to automatically update Windows virtual machine against vulnerabilities