Computer scientists develop a simple tool to tell if websites suffered a data breach. Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies' reach and audience are. Source 8f.
This isn't truly about a website being hacked - it's about the organization's data being hacked. The website is untouched and may have been used to gain access, but the data that the company has been gathering - logins, passwords, security questions, etc. - is what has been compromised. This technology that the article mentions is a honeypot style trap. The hackers have gained the passwords to the accounts and are accessing them in various ways. One of the ways we secure our client's site is by geolocation techniques, preventing access from geographical locations that are bad actors - North Korea, Nigeria, etc. - that the customer has no business in and never expects interaction with. We also encourage password cycling, prevent simple passwords and prevent password repetition but, if someone's password gets compromised, there really isn't much you can do if you aren't aware of it.
Not successfully so far. But this is a warning kind of because this can happen to anyone. I noticed that while looking at my Apache logs, somebody tried to access my administration pannel thinking I was using Wordpress. Luckily they did not succeed because first of all, I wasn't using Wordpress, I was using my own administration panel I made. But the strange thing is unless you type the name of the site exactly on google you won't find it. I didn't share my website with anyone (Except maybe in one or two places for a resume but I don't think potential employers shared it).