I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
In my view, the best way to make sure that your that is rename your login url to secure your wordpress website is through using a WordPress backup plugin. This is a relatively inexpensive, easy and elegant to use way to be sure that your website is accessible to you.
This is fantastic news because read it means that there is a community of developers and look at this site users who can enhance the platform. However, whenever there is a group of people trying to achieve something, there'll always be people who will attempt to take down them.
This is very handy plugin, protecting you against brute-force password-crack strikes. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable click for more login attempts when a certain number of attempts is reached.
Now we're getting into things specific to WordPress. Whenever you install WordPress, you need to edit the document config-sample.php and rename it to config.php. You need to install the database details there.
Using a plugin for WordPress security only makes great sense. WordPress backups will need to be performed on a regular basis. Do not become a victim as a result of not being proactive!