One of the most commonly used security vulnerabilities on the web today is outdated software - be that the Adobe flash player you keep ignoring every time you start your browser, or the version of WordPress your personal blog is running on.
Most websites today run on some type of open-source, or openly-available platform - WordPress, Joomla, Magento, any online shopping cart, etc. And these software platforms typically have plugins or modules created by other 3rd-Party developers that you or your web developers may have used. Keeping all of these various platforms and plugins and modules up to date can be time consuming or costly, and those dedicated to breaking into others systems use this to their advantage.
Keeping any online software you use up to date should be just as important as locking your house when you leave for the weekend. If you haven't already, enable automatic updates if your platform allows it (or ask your developer), and update any plugin, modules, etc as soon as possible. We recommend hiring someone, or utilizing a paid-for service to maintain updates as well - if your developer offers this service, take them up on it - plus if anything ever does happen, they will be there to help get you back up and running as soon as possible.
If it's too late and you believe your site is compromised; feel free to reach out to us - we deal in number of content management and e-commerce platforms; and if we can't help you, we'll point you in the right direction.
In today's web-based world, it is pertinent you keep all of your software as up to date as possible. For further reading, and some info on the most-hacked plugins and platforms, we recommend reading Scuri's 2016 Q1 Report.