@Chris Hills WTF?
Seriously... Everybody wants FOSS right? Lowers the cost of development and all that.
And less than 1% of the coders out there contribute to an Apache project or any other FOSS project.
Frankly, you wouldn't want them to.
Oh to be clear, Equifax is to blame. But it also highlights the dangers of using Open Source blindly without acknowledging the risks.
You get what you paid for... and in this case... lax security.