#ftag=RSSbaffb68

According to an unsubstantiated report by equity research firm Baird, citing no evidence, the blame falls on the open-source server framework, Apache Struts. Could the root cause of the hack be a Struts security hole? If that's the case, is it the fault of Struts developers or Equifax's developers, system admins, and their management? The Apache Struts Project Management Committee said in a statement that while they're sorry Equifax "suffered from a security breach," they're not ready to take on the burden for this all-time security fiasco.