#1 - I've been needing to have my Magento site upgraded to the newest version for a while. I am on a version from 2 years ago. I think it has some security vulnerabilities and this is how my website got hacked.
#2 - I am just a small website and I only do a few sales a month, but it appears that my website has been hacked. My web hosting company has suspended my website and contacted me with the following message:
"You will need to remove the reported content included below. We received a report regarding this issue from a third party. As your site access has been restricted, you will need to use services such as FTP, cPanel, File Manager, or other non-HTTP methods of removing or cleaning reported content. We also highly suggest signing up for SiteLock, which can help you detect and remove malicious content on a regular basis. You can reach them directly at 877-563-2849.
Once you have addressed the source of the complaint, we'll be happy to review your account towards restriction removal.
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 32h/50d Inode: 75370952 Links: 2
Access: (0755/drwxr-xr-x) Uid: ( 504/ xxxxxxxx) Gid: ( 512/ xxxxxxxx)
Access: 2015-08-31 12:29:30.301605197 -0500
Modify: 2015-09-03 11:06:53.587058023 -0500
Change: 2015-09-03 11:06:53.587058023 -0500"
So I need someone to fix this and help make my website more "hack-proof".