The update was done over the Internet, the same as we do updates for our personal computers. Resource-wise, it wasn't very massive. It simply meant that each person had to plug their ID cards into their personal computers and update the certificate. They have to do it anyway every second year, so in this case they had to do it earlier. Resource-wise, it wasn't a massive problem, but it was a problem of possible vulnerability that we didn't know about.
On March 22nd, 2018. See this statement in context.