Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to compromise the company’s networks?

Equifax has yet to share more details about how the attack was pulled off, but a report by financial services firm Robert W. Baird & Co. says the company’s “understanding” is that it was an Apache Struts flaw that did the trick.