I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
I back up my blogs regularly using a plugin WP DB Backup. If anything happens I will restore my blog to the settings. I use WP Security Scan plugin that is free to scan my blog regularly and requests to be blocked by WordPress Firewall to fix wordpress malware virus.
A simple way to keep WordPress safe is to use a few tools that are built-in. To begin with, don't allow people run a web host security scan, to list the documents in your folders and automatically backup your entire web hosting account.
Is to delete the default administrator account. This is important because if you do not do it, a user name that they could attempt to crack is already known by malicious user.
As I (our fictitious Joe the Hacker) know, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two blog logins, FTP, internet hosting, etc. accounts that all include logins my company and passwords you will need to remember.
I prefer to use a WordPress plugin to get the job done. Make sure that the plugin you choose is able to do copies that are select, has restore performance, and can replicate. Also be sure that it is often updated to keep pace. There's absolutely not any use in backing your data up and not working.