At RSPONSIV we have to deal with hacked sites on an occasional basis.
Not often, but not infrequently either. This year we have had a couple of sites where the hack was in the htaccess file. If you don’t know what that is, don’t worry about it. It is one of the more technical sides of a website. Suffice to say, most Apache-served websites have one and it is necessary for some tasks.