… that we were never at risk of being hacked during the recent attack on WordPress sites as it uses a vulnerability in a plugin/addon called MailPoet which we don’t use (its main use is to manage newsletters).
See this article on the subject on Sucuri.
From what I gathered from the article the problem was apparently discovered and fixed weeks ago but the sites that were hacked had not been updated yet (for security issues such as these you should never delay updating your softwares, especially from something accessible on the Internet).
You should also make frequent backups of your things, you never know when you might get hacked or your hardware might fail…
Have you done your backup today? 😉