Hacked Website Has
This isn't truly about a website being hacked - it's about the organization's data being hacked. The website is untouched and may have been used to gain access, but the data that the company has been gathering - logins, passwords, security questions, etc. - is what has been compromised. This technology that the article mentions is a honeypot style trap. The hackers have gained the passwords to the accounts and are accessing them in various ways. One of the ways we secure our client's site is by geolocation techniques, preventing access from geographical locations that are bad actors - North Korea, Nigeria, etc. - that the customer has no business in and never expects interaction with. We also encourage password cycling, prevent simple passwords and prevent password repetition but, if someone's password gets compromised, there really isn't much you can do if you aren't aware of it.