Facebook's misuse of personal information was far worse than initially thought.

On Wednesday, Chief Technology Office Mike Schroepfer revealed the firm shared data of up to 87 million users with the political consultancy firm Cambridge Analytica – a dramatic increase from initial media estimates of roughly 50 million.

Schroepfer shared the new figures in a blog post outlining nine changes the firm is making to the platform in light of the massive data scandal that unfolded last month.

According to the CTO, most of the affected users were in the United States.

In the post, the Facebook exec also revealed the troubling ease with which ‘malicious actors’ could ‘scrape’ public information from most users’ profiles.

Facebook CEO Mark Zuckerberg addressed the growing scandal in a media call on Wednesday afternoon, admitting the firm 'didn't do enough' to protect user data or to prevent the spread of disinformation.

Scroll down for video

As Facebook grapples with the unfolding data scandal, more and more worrying details continue to emerge. The latest indicates the issue, which Zuckerberg himself called a 'breach of trust,' affected many more users than initially suspected

According to the CTO, most of the affected users were in the United States, as shown in the graph above

HOW DOES FACEBOOK PLAN TO RESTRICT APPS' DATA ACCESS? Facebook's Chief Technology Office Mike Schroepfer outlined the nine 'most important changes' the firm is making in wake of the Cambridge Analytica scandal. He also revealed the issue affected up to 87 million users. Moving forward, Facebook says: Apps using Groups, Events, and Pages APIs will face much tighter restrictions, and will not be able to access member lists or view personal information such as names and profile pictures

Facebook will approve all apps that request access to info such as check-ins, likes, photos, posts, videos, events and groups. It will also no longer allow apps to ask for access to personal information such as religious or political views

Phone number and email searches have been disabled, due to 'abuse.' According to the CTO, the firm believes 'most people on Facebook could have had their public profile scraped in this way.'

Controversial opt-in feature that allowed Facebook to collect call and text history from Android users will 'not collect the content of messages — and will delete all logs older than one year,' Schroepfer said

Firm is also rolling out a new tool to more prominently display the apps and websites you use at the top of the News Feed Advertisement

In a call with reporters, Zuckerberg admitted the firm made a 'huge mistake' in failing to take a broad enough view of what Facebook's responsibility is in the world.

'It's my mistake,' the Facebook CEO added.

Referring to the Cambridge Analytica privacy scandal, in which a consultancy firm was able to access millions of users' data and use it to target voters during political campaigns, he said that it isn't enough for Facebook to believe app developers when they say they follow the rules.

He says Facebook has to ensure they do.

‘Life is learning from mistakes,' Zuckerberg told reporters, according to CNET.

‘At the end of the day, this is my responsibility. I started this place, I run it, I'm responsible.’

'We know now we didn't do enough to focus on preventing abuse and thinking through how people use these tools to do harm,' the Facebook CEO added.

Now, as the company looks forward, Zuckerberg said the firm must address Facebook's role in democracy.

'It's not enough to give people a voice, we have to make sure that people are not using that voice to spread disinformation,' Zuckerberg said, according to CNET.

While Facebook grapples with the unfolding data scandal, more and more worrying details continue to emerge.

The latest indicates the issue, which Zuckerberg himself called a 'breach of trust,' affected many more users than initially suspected.

'In total, we believe the Facebook information of up to 87 million people — mostly in the US — may have been improperly shared with Cambridge Analytica,' Schroepfer said on Wednesday.

London-based Cambridge Analytica, which has counted U.S. President Donald Trump's 2016 campaign among its clients, disputed Facebook's estimate of affected users.

It said in a statement on Wednesday that it received no more than 30 million records from a researcher it hired to collect data about people on Facebook.

In Facebook's blog post, Schroepfer shed light on additional ways 'malicious actors' could access users' data without their knowledge, by scraping public information from profiles.

On Wednesday, Chief Technology Office Mike Schroepfer (pictured) revealed the firm shared data of up to 87 million users with the political consultancy firm Cambridge Analytica – a dramatic increase from initial media estimates of roughly 50 million

WHAT IS THE CAMBRIDGE ANALYTICA SCANDAL? Communications firms Cambridge Analytica has offices in London, New York, Washington, as well as Brazil and Malaysia. The company boasts it can 'find your voters and move them to action' through data-driven campaigns and a team that includes data scientists and behavioural psychologists. 'Within the United States alone, we have played a pivotal role in winning presidential races as well as congressional and state elections,' with data on more than 230 million American voters, Cambridge Analytica claims on its website. The company profited from a feature that meant apps could ask for permission to access your own data as well as the data of all your Facebook friends. It was initially estimated that the firm was able to mine the information of 55 million Facebook users even though just 270,000 people gave them permission to do so. But, Facebook has since revealed the number was actually as high as 87 million. This was designed to help them create software that can predict and influence voters' choices at the ballot box. The data firm suspended its chief executive, Alexander Nix, after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump. This information is said to have been used to help the Brexit campaign in the UK. Advertisement

The site previously allowed users to enter someone's phone number or email address into the search bar to locate that person.

While the tool was helpful for finding friends in some scenarios, for example, in languages which 'take more effort to type out a full name,' the firm says it was also regularly abused.

As a result, Facebook is now doing away with it entirely.

'Given the scale and sophistication of the activity we've seen, we believe most people on Facebook could have had their public profile scraped in this way,' Schroepfer wrote.

'So we have now disabled this feature.

'We're also making changes to account recovery to reduce the risk of scraping as well.'

The troubling revelation came in the midst of new details on what Schroepfer says are the nine 'most important changes' the firm is making to the site.

And, the CTO notes, more are set to come over the next few months.

The current changes also include new guidelines for the controversial opt-in feature that allowed Facebook to collect call and text history from Android users.

'We've reviewed this feature to confirm that Facebook does not collect the content of messages — and will delete all logs older than one year,' Schroepfer wrote.

'In the future, the client will only upload to our servers the information needed to offer this feature — not broader data such as the time of calls.'

The firm is also rolling out a new tool to more prominently display the apps and websites you use.

A link for this will appear at the top of the News Feed starting Monday April 9. Clicking this link will reveal what information you share with these apps, and give the option to remove them.

The changes also include new permissions requirements for Groups, Pages, and Events.

As of today, apps using these APIs will no longer be able to access guest or member lists. For events, apps will also be unable to access posts on the event wall.

The firm also says it is rolling out strict requirements for apps seeking approval through the Events API, and will require approval for all apps seeking access to the Pages API.

Starting Monday, April 9, Facebook will begin showing users a link at the top of their News Feed to more easily reveal the apps they use (as shown above)

FACEBOOK SAYS IT SCANS ALL OF YOUR MESSENGER TEXTS Facebook scans the contents of messages that people send each other on its Messenger app blocking any that contravene its guidelines. The scandal-hit firm, still reeling from revelations surrounding Cambridge Analytica, checks images and texts to ensure they are in line with its community standards. CEO Mark Zuckerberg confirmed the policy during a podcast interview with Vox's editor at large, Ezra Klein. Messenger says that it doesn’t use data from messages it has scanned for the purposes of advertising, according to reports in Bloomberg. The company told the website that it uses the same tools to prevent abuse in messages that are in place across Facebook as a whole. Users are able to flag posts or messages that they feel are in violation of the site's house rules. This will either cause one of the social network's community operations team to manually review the content, or automated systems can also make decisions. 'For example, on Messenger, when you send a photo, our automated systems scan it using photo matching technology to detect known child exploitation imagery or when you send a link, we scan it for malware or viruses,' a Facebook Messenger spokeswoman said in a statement. 'Facebook designed these automated tools so we can rapidly stop abusive behaviour on our platform.' Advertisement

For groups, Schroepfer wrote, 'we're also removing personal information, such as names and profile photos, attached to posts or comments that approved apps can access.'

The firm also says it will no longer allow apps to ask for more detailed personal information, such as religious or political views, entertainment activity, relationship status, or news reading.

The changes follow several others that have rolled out in the last few weeks in light of the Cambridge Analytica scandal.

‘Overall, we believe these changes will better protect people’s information while still enabling developers to create useful experiences,’ Schroepfer wrote.

‘We know we have more work to do — and we’ll keep you updated as we make more changes.’