Re: Firewall ?

Dumb MongoDB admins spew 600 TERABYTES of unauthenticated data

Anonymous Coward

Re: Firewall ?

I thought the same: the default firewall rules would have prevented this. iptables defaults to allow localhost/loopback traffic and just because it's bound to all interfaces, someone must still have opened the port(s) on the firewall for it to be Internet accessible.

"Matherly says the near 30,000 databases are exposed through the use of older versions of the platform that fail to bind to localhost."

Personally I'm of the view that unless customers need to directly connect to a service, it should be behind a VPN (i.e. if they had it open to the 'net to integrate with another system, those two systems should be VPN'd if they can't be physically located together).
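An added example, not part of the original comment: a small audit of the two conditions discussed above, that mongod listens beyond loopback and that the host firewall also passes port 27017. The function names, the sample config and the sample `iptables-save` text are constructed; the firewall model is a simplification (first-match on the filter INPUT chain, no negation, multiport or user-defined chains), and a missing bind setting is assumed to mean all interfaces.

```python
import re, shlex

LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def bind_addresses(conf):
    """Listen addresses from mongod config text: ini-style bind_ip or YAML bindIp."""
    for line in conf.splitlines():
        m = re.match(r"(?:bind_ip|bindIp)\s*[:=]\s*(.+)$", line.split("#")[0].strip())
        if m:
            return [a.strip(" \"'") for a in m.group(1).split(",")]
    return ["0.0.0.0"]  # assumption: no bind setting means every interface

def firewall_allows(rules, port=27017, iface="eth0"):
    """First-match walk of the filter INPUT chain for a new TCP connection from any source."""
    table, policy = "filter", "ACCEPT"
    for line in rules.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()
        if table == "filter" and line.startswith(":INPUT "):
            policy = line.split()[1]
        if table != "filter" or not line.startswith("-A INPUT "):
            continue
        tok = shlex.split(line)
        opt = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
        lo, _, hi = opt.get("--dport", "0:65535").partition(":")
        state = opt.get("--ctstate", opt.get("--state", "NEW"))
        if (opt.get("-i", iface) == iface and opt.get("-p", "tcp") in ("tcp", "all")
                and opt.get("-s", "0.0.0.0/0") == "0.0.0.0/0" and "NEW" in state
                and int(lo) <= port <= int(hi or lo)
                and opt.get("-j") in ("ACCEPT", "DROP", "REJECT")):
            return opt["-j"] == "ACCEPT"   # first terminating rule that matches wins
    return policy == "ACCEPT"              # nothing matched: chain policy decides

def internet_reachable(conf, rules, port=27017):
    """Exposed only if mongod listens off-loopback AND the firewall passes the port."""
    off_loopback = [a for a in bind_addresses(conf) if a not in LOOPBACK]
    return bool(off_loopback) and firewall_allows(rules, port)

# Constructed sample inputs (not taken from any real host).
OLD_CONF = "dbpath = /var/lib/mongodb\nport = 27017\n"   # no bind_ip line
LOCAL_CONF = "net:\n  port: 27017\n  bindIp: 127.0.0.1\n"
FW_CLOSED = """*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""
FW_OPENED = FW_CLOSED.replace("COMMIT", "-A INPUT -p tcp -m tcp --dport 27017 -j ACCEPT\nCOMMIT")
```

With these samples, only the combination of `OLD_CONF` and `FW_OPENED` is reported as reachable; either a loopback-only bind or a default-drop INPUT chain without the extra rule is enough to keep the port closed.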

