RC4 was designed to be a very fast encryption algorithm. This is very important because you want to be able to encrypt data without any loss in latency or transfer rate. For a lot of applications it is either this or no encryption. However RC4 was designed in 1987 for the computer available at that time. So even back in the late 90s we figured out that it was too simple. It was not just the speed of the computers which meant you could brute force it but the algorithm was just too simple and you could undo some of the calculations to find part of the input using just the output.

The problem was that the RC4 algorithm was perfect for the computer revolution in the 90s with lots of smaller home computers being sold and connected to the Internet. These computers were about as powerful as the big military computers that did real time encryption in the 80s so the RC4 algorithm was perfect for the Internet. Users could get full Internet speeds encrypted without even hogging the computer down. So RC4 became the standard for consumer electronics.

The problem with standards is that they are hard to change. New technology needs to be compatible with the old technology. So everything had to have support for RC4 to talk to old technology. Some people even preferred RC4 over more secure algorithms because of its speed.

When wireless encryption protocols like WEP was designed people did not even consider anything but RC4 due to the potential high bandwidth and the small size of the wireless routers and interfaces. So they made RC4 not only the default but the only encryption algorithm allowed. They did not see a need to allow for anything else.

Fast forward to about 2015 and we have found enough problems with the RC4 algorithm and have fast enough hardware to not only do line speed encryption and decryption but to do so without even knowing the secret key. So basically anyone with a modern computer could read any RC4 encrypted data stream as if it was not even encrypted, and people did.

It is also worth mentioning that there are strong suspicion that RC4 was intentionally made bad. It was developed by the US military in the 80s to encrypt traffic between radars, command centers, ballistic missile silos, anti-air rocket platforms, jet fighters and even missiles and rockets themselves. This is why it needed to be so fast. But there was a concern that the algorithm would fall into Soviet hands and that they would start using it themselves. So in addition to the requirement of being very fast it might also have had to be easily cracked for those who knew the weakness. There are some evidence of this but as far as I know this have not been confirmed yet.