Ex-Equifax chief to face lawmakers' ire as he offers breach response details

Information on the Apache Struts vulnerability that was exploited in the massive Equifax hack was circulated internally last March at the company, ex-CEO Richard Smith will testify today, but the necessary patching didn't occur and subsequent internal security scans failed to pick up the vulnerability.

Hackers apparently accessed sensitive data at the consumer credit rating agency between May 13-July 30, affecting 143 U.S. consumers, according to the company's own estimates. Equifax publicly announced the breach on Sept. 7, nearly six...