I wasn't notified about this one for some reason, but have just finished a round of checks and upgrades on most of the 2860s and 2862s in my care - several of the 2860s seem to have been hit, with the DNS server settings changed in the LAN sections. Always disturbing when such a central bit of networking gear is hacked, hopefully that's all that was done but who really knows?
Definitely no default passwords in use here, usually all but HTTPS access to remote admin blocked.
Generally I'm a big fan of these routers for SMEs as they've proven themselves incredibly reliable over the past decade and more, plus the firmware updates keep coming long after the initial purchase... I suppose such a popular router was always going to be a prime target.