Equifax said that the hackers exploited a software vulnerability. The Apache Software Foundation, which oversees the open-source software, had issued a patch two months before hackers began comprising Equifax data.
The CEO Richard Smith testified before Congress about the breach. While he took responsibility as the CEO, he placed culpability onto the IT Department for failing to install the patch.
Hackers stole 145 million SSNs, birth dates, home addresses, driver's license numbers.