Thanks so much for posting this. I haven't checked that article yet so I don't know if I'm being redundant, but it's also a good idea to change the name of the wp-admin folder to something that they won't guess. Most people don't ever change it so it makes the hackers job much easier. I'd really like to do that at some point but I wish I had done it upon setup because it would have been easier then.
Wow, I think that's the fastest I've heard anyone get hacked -- only two days after launch? It was like someone was waiting on you! lol
Thank you for sharing your story and glad you got everything back up and running.