Facebook has apologised for yet another controversy after it was caught secretly deleting messages sent by its senior executives, just as it was about to reveal which accounts were ‘breached’ during the Cambridge Analytica scandal.

TechCrunch reported on Friday (Australian time) that Facebook was using a secret tool to allow CEO Mark Zuckerberg to delete messages from the inboxes of recipients, without disclosing the deletions or recording the message were ever sent.

The tool was not available to regular users. Facebook users can delete sent messages, but the recipient retains a copy. Since 2016, they can also send disappearing messages, but it cannot be used on messages sent before the tool was created.

Facebook initially defended the practice by saying it was a response to the embarrassing 2014 hacking of the email accounts of senior Sony Pictures executives, allegedly conducted by North Korean operatives.

But after the story angered many of its users, the social media giant apologised on Saturday (Australian time) and promised to prevent its executives from using the deletion tool until it rolled out the feature to all users.

“We will now be making a broader delete message feature available. This may take some time,” a Facebook spokesperson told Bloomberg.

“Until this feature is ready, we will no longer be deleting any executives’ messages. We should have done this sooner – and we’re sorry that we did not.”

Find out if you were ‘breached’

The company was already reeling from its worst privacy crisis in history, after allegations that Cambridge Analytica, a data mining firm linked to the Trump campaign, may have used ill-gotten user data to try to influence the US election.

Facebook is in full damage-control mode, with Mr Zuckerberg acknowledging he’s made a “huge mistake” in failing to take a broad enough view of what Facebook’s responsibility is in the world. He is set to testify before congress next week.

The question that remains for many Facebook users is whether Cambridge Analytica managed to obtain their personal data.

That question will be answered from Monday when Facebook starts to send a message to the 87 million users it believes were affected by the data breach.

Starting on Monday, all 2.2 billion Facebook users will receive a notice on their feeds, titled “Protecting Your Information”, with a link to see what apps they use and what information they have shared with those apps. If they want, they can shut off apps individually or turn off third-party access to their apps completely.

In addition, the 87 million users who might have had their data shared with Cambridge Analytica will get a more detailed message informing them of this.

Facebook says most of the affected users (more than 70 million) are in the US, along with over a million each in the Philippines, Indonesia and the UK. There are also concerns that thousands of Australians were caught in the data drag net.

Cambridge Analytica whistleblower Christopher Wylie previously estimated that more than 50 million people were compromised by a personality quiz that collected data from users and their friends.

That Facebook app, called “This is Your Digital Life”, was a personality quiz created in 2014 by an academic researcher named Aleksander Kogan, who paid about 270,000 people to take it.

The app vacuumed up not just the data of the people who took it, but also – thanks to Facebook’s loose restrictions – data from their friends, too, including details that they had not intended to share publicly.

Facebook later limited the data apps can access, but it was too late in this case.

Mr Zuckerberg said Facebook came up with the 87 million figure by calculating the maximum number of friends that users could have had while Mr Kogan’s app was collecting data. The company doesn’t have logs going back that far, he said, so it cannot know exactly how many people may have been affected.

Cambridge Analytica said in a statement on Thursday (Australian time) it had data for only 30 million people.

-with AAP