In 2014, Cambridge Analytica, a voter-profiling company that would later provide services for Donald Trump’s 2016 presidential campaign, reached out with a request on Amazon’s “Mechanical Turk” platform, an online marketplace where people around the world contract with others to perform various tasks. Cambridge Analytica was looking for people who were American Facebook users. It offered to pay them to download and use a personality quiz app on Facebook called thisisyourdigitallife.

About 270,000 people installed the app in return for $1 to $2 per download. The app “scraped” information from their Facebook profiles as well as detailed information from their friends’ profiles. Facebook then provided all this data to the makers of the app, who in turn turned it over to Cambridge Analytica.

A few hundred thousand people may not seem like a lot, but because Facebook users have a few hundred friends each on average, the number of people whose data was harvested reached about 50 million. Most of those people had no idea that their data had been siphoned off (after all, they hadn’t installed the app themselves), let alone that the data would be used to shape voter targeting and messaging for Mr. Trump’s presidential campaign.

This weekend, after this was all exposed by The New York Times and The Observer of London, Facebook hastily made a public announcement that it was suspending Cambridge Analytica (well over a year after the election) and vehemently denied that this was a “data breach.” Paul Grewal, a vice president and deputy general counsel at Facebook, wrote that “the claim that this is a data breach is completely false.” He contended that Facebook users “knowingly provided their information, no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked.” He also said that “everyone involved gave their consent.”