I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
In my opinion, the best way to ensure your WordPress security is via using a secure your wordpress website backup plugin. This is a relatively inexpensive, elegant and easy to use way to make sure that your site is available to you.
This is great news as it means that there is a community of users and developers who can further improve the platform. However there's a significant group there'll always be people who will try to take down them.
1 thing you can take is to delete the default administrator account. This is important because if you don't do it, a user name that they could attempt to crack is known by malicious Full Report user.
WordPress is one of the platforms for websites and self-hosted sites. While WordPress is pretty secure out of the box, there are always going to be people who want to make trouble by finding a way to crack into accounts or sites to cause harm or inject hidden spammy links. That is why it's important to be sure that your WordPress installation is as safe as possible.
I prefer using a WordPress plugin to get the work done. Just make sure the plugin you choose is in a position to do select backups, has restore and can replicate. Be sure that it is often updated to keep pace. There's absolutely no use in not working, and backing your data up to a plugin that's out of date.