Hello,
That is unfortunate to see guys d like this, any way, I believe the breach on your site was due un-updated WordPress(Versions <= 4.3.2 have SQL injection which can cause full server down), or of the plugins is vulnerable, in either ways, I need first to examine the logs then to decide.
After that, I will do full penetration test for all the sites you have just to make sure you are more secure.