Breakdown of Facebook users affected by Cambridge Analytica leak

Facebook revealed today that Cambridge Analytica accessed the personal information of more than 87 million users, and not 50 million, as it was initially reported.

More than 70 million, 80% of the total tally, are Americans, the social network revealed in a chart breaking down users per country (image above).

Facebook to notify all affected users

Facebook plans to notify all of the 87 million affected users on Monday, April 9, with a message that would appear at the top of their Facebook timeline.

The social network also plans to show an additional message that will ask all users, not just the affected 87 million, to review the apps that have access to their Facebook data.

To account for lazy users that dismiss these messages, Facebook also said it would automatically cut an app's access to user data if the user hasn't used the app for the last three months.

Too little too late

Besides warnings for users, Facebook also announced today other changes, including:

↣  Updates to the site's data policy and terms of service.
↣  Apps won't have access to Facebook event participants and posts on the event's wall.
↣  Apps won't have access to a Facebook group's member list.
↣  Apps that want access to a Facebook group will need to be reviewed by Facebook and approved by the group's admin.
↣  Apps won't have access to the user's name and photo for comments made inside a Facebook group.
↣  Facebook staff will review every app that needs to access a Facebook page.
↣  Apps won't be able to access a user's religious or political views, relationship status and details, custom friends lists, education and work history, fitness activity, book reading activity, music listening activity, news reading, video watch activity, and games activity.
↣  Users won't be able to search for users using their phone number or email address. Facebook said "malicious actors have abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery."
↣  The Facebook Android app will not collect calls and SMS metadata anymore.

Facebook has taken these steps to fight abusive apps like the one developed by an academic for Cambridge Analytica. Named "This Is Your Digital Life," this quiz app used a loophole in Facebook's app permissions model to gather information on over 87 million users, even if only 270,000 users used the app. This happened because, at the time, Facebook allowed apps to collect data on a user's friends, not just the user who installed the app.

Most privacy and security experts believe malicious actors have already mapped out most of Facebook's userbase already, and Facebook's recent updates are only to appease angry users who had their data scraped by an analytics company that later weaponized it for political targeting and propaganda.

Alerts Facebook plans to show to users on April 9, 2018

Related Articles:

Facebook Photo API Bug Exposed Pics of Up to 6.8 Million Users

CCleaner 5.50 Now Allows You to Disable Automatic Updates

Mozilla Overhauls Content Blocking Settings in Firefox 65

Scammers Use Facebook Sharer Page to Push Tech Support Scams

Private Messages for 81k Hacked Facebook Accounts Being Sold Online