A website owned and operated by Microsoft — Digital Constitution — has been hacked. How do we know this? Because messages for casinos and gambling have appeared on multiple pages on the site. Hackers put these links on other sites to increase their Google visibility and ranking.
What do this mean to you as a WordPress website owner? The Microsoft site is a WordPress site AND THE WORDPRESS VERSION WAS NOT UPDATED, LEAVING THE SITE VULNERABLE TO ATTACK!
Yes, this happens to the big boys too. But a simple update could have prevented this from occuring.
Always update your WP version, plugins and themes. Remove plugins that are not being regularly maintained by the author. Use security plugins. I install security plugins on all the sites I build: iThemes Security or Wordfence.
Because you never can guarantee that a site won’t be hacked (or crash), I also install backup plugins: Back WP Up (a free plugin) or Backup Buddy (a premium plugin). You can also talk to your host about their back up services/features.
So if you have not updated your site recently, now is a good time to go in and do it.