Facebook says in a blog post that it has suspended "tens of thousands" of apps from its platform for misusing and mishandling data in the year and a half since the Cambridge Analytica scandal, and Facebook's failure to properly protect billions of users' personal info, first came to light.
It wasn't until March 2018 that the sheer scale of the Cambridge Analytica security incident was reported: Over 87 million Facebook users had their personal data obtained by the political data-analytics firm via an external app in 2015, and the social network allegedly waited another two years to disclose that it had happened.
Facebook said Friday that the company has been investigating its app developers since news of the Cambridge Analytica incident came out in March 2018. As part of the investigation, Facebook reviewed "all of the apps that had access to large amounts of information."
So far in the investigation, Facebook has banned "tens of thousands" of apps for reasons including, "inappropriately sharing data obtained from us, making data publicly available without protecting people's identity or something else that was in clear violation of our policies." Facebook says these suspended apps only come from about 400 developers.
The "tens of thousands" number is a huge step-up from Facebook's last reported numbers of suspended apps: 200 in May 2018, then 400 apps in August of last year. Facebook says the review of its apps is "by no means finished."
Facebook's handling and use of data has been under intense scrutiny since the Cambridge Analytica scandal. Most recently, the Federal Trade Commission fined Facebook $5 billion for its role in the incident, which the regulator says violated a past agreement that the company wouldn't hand over user data to third parties without consent.
Recent news reports, based off of copies of internal documents, apparently show that Facebook was first made aware of a "potential data violation" in September 2015, but that the company didn't publicly address the matter until March 2018.
The Securities and Exchange Commission has also alleged that Facebook failed to disclose the breach for more that two years, and that the company instead relied to hypotheticals to tell investors that users data "may be improperly accessed, used or disclosed."