Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?  

Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.  

What happened was an attacker used social engineering to gain root access to a wallet server. This was made possible by absolutely jaw-dropping negligence on the part of the hosting provider.