Just when you thought that the Cambridge Analytica scandal couldn’t get any murkier, it has. In a blog post yesterday, Facebook said that it now believes data of up to 87 million people globally may have been accessed by the controversial British consultancy firm. That’s significantly more than the 50 million revealed by whistleblower Christopher Wylie in his interview to The New York Times and The Observer last month.

Alarmingly for Indian users, over half a million affected are apparently from India. Overall, around 3.6 million people in Asia may have been adversely affected by the data breach, but the US remains by far and wide the worst affected, with more than 70 million of the compromised accounts believed to be from the country. The Philippines, Indonesia, the UK, Mexico, Canada, Brazil, Vietnam and Australia are apparently some of the other countries whose citizens may have been badly affected by the breach.

Overall, the company admitted that most of its 2 billion users have been affected by similar data ‘scraping’ done by brokers on behalf of Facebook advertisers and marketers. “We believe most people on Facebook could have had their public profile scraped in this way. So we have now disabled this feature.”

Meanwhile, the company at the heart of the scandal, Cambridge Analytica, is seemingly contradicting Facebook’s latest admission, sticking to its old claims of having accessed the private information from only 30 million Facebook accounts.

In the wake of the scandal, Facebook is promising to extend the European Union’s GDPR privacy safeguards to all users around the world, albeit, with some minor modifications to comply with different laws prevailing in different jurisdictions around the world. The company’s under-fire CEO, Mark Zuckerberg, has also set up a date with US lawmakers to testify at the US Congress next week about the Cambridge Analytica fiasco and what the company plans to do to prevent such situations in the future.