Facebook said in a blog post that it has suspended "tens of thousands" of apps from its platform for misusing and mishandling data in the year and a half since the Cambridge Analytica scandal, and Facebook's failure to properly protect billions of users' personal info, first came to light.

It wasn't until March 2018 that the sheer scale of the Cambridge Analytica security incident was reported: Over 87 million Facebook users had their personal data obtained by the political-data-analytics firm via an external app in 2015, and the social network is accused of waiting another two years to disclose that it had happened.

Facebook said on Friday that the company has been investigating its app developers since news of the Cambridge Analytica incident came out in March 2018. As part of the investigation, Facebook reviewed "all of the apps that had access to large amounts of information."

So far in the investigation, Facebook has banned "tens of thousands" of apps for reasons including "inappropriately sharing data obtained from us, making data publicly available without protecting people's identity or something else that was in clear violation of our policies." Facebook said these suspended apps came from only about 400 developers.

The "tens of thousands" number is a huge step-up from Facebook's previously reported numbers of suspended apps: 200 in May 2018, then 400 apps in August 2018. Facebook says the review of its apps is "by no means finished."

Read more: Facebook understood how dangerous the Trump-linked data firm Cambridge Analytica could be much earlier than it previously said. Here's everything that's happened up until now.

Facebook's handling and use of data has been under intense scrutiny since the Cambridge Analytica scandal. Most recently, the Federal Trade Commission fined Facebook $5 billion for its role in the incident, which the regulator said violated a past agreement that the company wouldn't hand over user data to third parties without consent.

Recent news reports, based off of copies of internal documents, apparently show that Facebook was first made aware of a "potential data violation" in September 2015 but that the company didn't publicly address the matter until March 2018.

The Securities and Exchange Commission has also alleged that Facebook failed to disclose the breach for more than two years and that the company instead relied on hypotheticals to tell investors that users data "may be improperly accessed, used or disclosed."