Don’t you need to be inside the network to use the admin macaroon? Unless it was all open to the public
Discussion
This is my main concern right now too. My systems are all locked down with hardware vpns. I think it's unlikely they were able to get into my system in any way. I can only ssh into my K8 nodes and bitcoin node on the network. The services I expose over clearnet are BTCPay, Cashu Mint, and my website that I use to create lightning invoices.
I have a network firewall that only exposes these ports:
TCP 9735 (Lightning P2P)
TCP 80/443 (HTTP/HTTPS)
I do not have these ports exposed:
Port 8080 (LND REST) ❌
Port 10009 (LND gRPC) ❌