"The massive hack led Equifax to invest $1.5 billion "to build a top-tier, cloud-native technology and security infrastructure," as the company puts it."
Cloud-native and secure aren't two things I'd put together. There is a huge attack surface with "cloud" things and often a large number of players involved as companies outsource so many things these days. Frankly, I'd feel much more secure if Equifax said they bought a disused mine or three and located their hardware on the lowest levels guarded by lots of reinforced concrete and vault doors to prevent physical attacks and institute strict access control and deployed many of their own data connections so they could better monitor access there as well.
Botching important software and doing deployments without proper testing is universal these days as companies race to the be first with something rather than the best.