Equifax divulged on Wednesday that the culprit behind this summer’s breach of 143 million Americans was an Apache Struts vulnerability, CVE-2017-5638, patched back in March.