In March 2017, over 140 million people's sensitive information was stolen from Equifax company servers. How did it happen?
Equifax was using the Apache Struts framework to run a number of its websites. In March 2017 a security vulnerability (CVE-2017-5638) was discovered in Apache Struts and on March 7 Apache has released a security patch fixing the aforementioned vulnerability.