Facebook: Cambridge Analytica may have had up to 87 million users' data

It's planning on ways to lock down the platform even more.

Facebook is continuing to strengthen its data policies amid the Cambridge Analyica scandal, and today the company provided an update to its plans. In a blog post, CTO Mike Schroepfer revealed that Facebook information for up to 87 million people -- mostly in the US -- had been improperly shared with Cambridge Analytica. This is much higher than the 50 million count reported previously.

In order to restore user trust, Facebook is working on restricting data access in a few different ways. One of them is that call and text history is now part of an opt-in feature for people using Messenger or Facebook Lite on Android. This is likely a reaction to when the company came under fire for retaining call metadata on Android phones a few weeks ago.

"We've reviewed this feature to confirm that Facebook does not collect the content of messages -- and will delete all logs older than one year," Schroepfer wrote in his post. He also wrote that the app will only upload the required information for the feature, not broader data such as call duration.

Facebook will also now disable the ability search for a user using their email address or phone number. That's because, according to Schroepfer, malicious actors have abused the feature to "scrape public profile information" through "search and account recovery." Facebook is also changing the way account recovery works to reduce the risk of scraping.

There are several important changes to Facebook's third-party APIs as well. Apps using the Events API will no longer access the guest list or wall posts and the Groups API will no longer provide access to member lists as well as personal information. In general, all apps using these APIs will now need approval from Facebook before any access is granted.

It's also following through on changes to Facebook Login that it announced a couple of weeks ago. The company will now strictly vet any app that is requesting information such as check-ins, likes, photos, posts, videos, events and groups. It will also no longer allow access to personal information like political views, relationship status and more. Also, if the app has not been used in the last three months, the permission will be revoked.

This is on top of several other steps Facebook have undertaken recently to help improve its reputation. It's trying to make its data policies easier to understand, will limit the data advertisers use to target ads, allow the deletion of apps in bulk, delete unpublished videos, crack down on unwanted ad targeting and removed hundreds of Russian troll accounts. It will also warn users if they were one of the 87 million people impacted by the Cambridge Analytica scandal.