Unfortunately most sites are likely to come under attack from hackers and it is a constant battle to keep your site secure in order not to fall victim and even some of the biggest sites can get caught out.
Sometimes it is all too obvious that a site has been hacked as the web pages splash out a political message, a sale message for drugs or perhaps links to porn sites, but more often these days the real hack is hidden from immediate view which makes it much harder to detect or clean up. The objective is to get links to sites, such as top name fashion accessories, that pay money in exchange for traffic driven to them. If rogue pages are hidden on a hacked site and these pages get ranked by Google and other search engines then traffic will be driven via the hacked site to the sites that pay for traffic.
The hackers now use scripts that will hide the hack scripts from the normal visitor, but as soon as a search engine bot visits they will deliver all the links to the hidden pages to get the content included into the search engine. It could be days or weeks before the site owner become aware they have been hacked and their reputation damaged.
It can be a complex task identifying if a site has been hacked and then determining how this was done. However, one way to reduce the risks is to always keep site software up to date with latest software, plugins and always disable or remove software features that are not required. Making regular backups will allow you to restore that last known working version of the site quickly in the event of breach and so you can identify when rogue files have been inserted into your web site file system.
This is something that your web designer or hosting company should be doing with you.