Facebook Chief Operating Officer Sheryl Sandberg apologized Thursday for the social media giant’s data breach and admitted the company failed to do enough to protect the data of tens of millions of its users.

Yet she said the company does not know whether political consulting firm Cambridge Analytica, which used Facebook data to target voters in the run-up to the 2016 elections, still possesses user data from the company, and if so, what the data is.

“We were given assurances by them years ago that they deleted the data. We should’ve followed up. That’s on us. We are trying to do a forensic audit to find out what they have,” Sandberg said.

Cambridge Analytica’s misuse of Facebook data, which may have affected up to 87 million users, according to a blog post from the company this week, has sparked widespread anger at the company and its founder, Mark Zuckerberg, who will testify before Congress about how his company protects user data next week.

In an interview with the PBS NewsHour’s Judy Woodruff, Sandberg acknowledged the company “under-invested” in the safety and security of user data. Sandberg said Facebook is now working to rectify that.

“We were very focused for the last 10 years on building on social experiences [but] we were not focused enough on the possible misuses of data,” Sandberg said. “What we are doing now is looking much more holistically at all the ways Facebook data is used and making a lot of proactive changes.”

Other highlights from the interview: