Cambridge Analytica Scandal: Facebook Says 87m Users Affected

The fallout from the Facebook-Cambridge Analytica scandal continued this week as the social network revised up previous estimates on how many user accounts may have been affected – by over 30 million.

Facebook believes data from 87 million accounts was shared with the controversial political consultancy, breaking its terms of service at the time.

A previous estimate by whistleblower Christopher Wylie had the figure at around 50 million, made possible after a Cambridge University professor and developer of the thisisyourdigitallife app improperly shared the data with Cambridge Analytica.

Around 1.1 million of the users were UK-based; an important figure when one considers that Cambridge Analytica was employed by at least one group to target voters in the EU referendum with political ads urging them to vote ‘leave’.

It’s still not clear exactly how many Facebook accounts were used by the consultancy, which tweeted that it only received data on 30 million users.

Tripwire security researcher, Craig Young, claimed the incident should be a cautionary tale for netizens that click before reading online T&Cs when signing up to new apps.

“Unfortunately, data privacy is a lot like oral hygiene, everyone knows they should pay attention to it but in practice people tend to neglect it,” he added.

“Many Facebook users are naturally upset about this situation, but in the end the moral of the story here is that people need to be more considerate about what data they are sharing and with whom.”

The revelations were part of a move by Facebook to improve transparency and accountability in light of the scandal. The firm’s CEO Mark Zuckerberg took the rare step of hosting a press conference and Q&A with reporters, ahead of a grilling on Capitol Hill next week.

"Today, given what we know... I think we understand that we need to take a broader view of our responsibility," he said, according to the BBC.

"That we’re not just building tools, but that we need to take full responsibility for the outcomes of how people use those tools as well."

In its bid to win back trust, Facebook has launched a range of new features designed to offer greater transparency to users around what apps they’re using, and more controls to protect their privacy.

Zuckerberg also promised to make “all the same controls” the firm is rolling out for the GDPR available in every part of the world.

However, the social network reportedly admitted yet another potential problem yesterday: which may have allowed hackers to scrape public profile info by abusing a feature allowing users to search for each other by typing in email addresses and phone numbers.

What’s Hot on Infosecurity Magazine?