https://www.reuters.com/article/us-equifax-cyber/equifax-says-web-server-vulnerability-led-to-hack-idUSKCN1BP0CB

Credit reporting company Equifax Inc blamed a web server vulnerability in its open-source software, called Apache Struts, for the recent data breach that compromised personal details of as many as 143 million U.S. consumers.