I've seen similar across other Linux-using companies. Awareness isn't what it [c|sh]ould be. However, the problem isn't limited to Linux. I've seen plenty of *BSD admins advocate telnet.
Probably one of the scariest situations was where an organization who shall not be named refused to run SSH but used RSH with .hosts files because that was "more secure". I spent about a week sobbing into my beer.