Just found this guy's Twitter:
https://twitter.com/HackingMoth
He posted a thread explaining the cause of the hack (not the hack itself though) and says that it's because people had open inbound ports (specifically 1400), listing their networks on the public internet. If that's true, then it has nothing to do at all with cracking or default passwords or with how good your WiFi password is. I am just wondering if people unknowingly opened the ports themselves or if it was the Sonos device that did it using UPnP.
I use Sonos myself as well and tried to get into this configuration page he's talking about. It's damn easy: all I did was type in the IPv4 of my Sonos device and add :1400 to the address in Google Chrome, and I was shocked to see that I was in the setup page, listing all my connected devices and active speakers. There was no login page at all!?
EDIT:
I didn't find any open ports in my router that I didn't know of, and port 1400 is closed, so I highly doubt Sonos devices forward themselves.