I have had two WordPress blogs hacked into previously. That was at a time when I was doing virtually no internet advertising, and until I found time to deal with the situation (weeks later), these sites were penalized at the main search engines. They weren't eliminated, however the evaluations were reduced.
Documents can easily get lost if you don't have good protection on your website. Some of those files might be stored in your computer and easily replaceable, but what about the rest of them? Where are you going to get them out of again, if you lose the first time to them? Especially fix malware problems free is very important. Many times, long-term sites have a lot of data and have made a number of files. Recreating that all are a nightmare, and not something any business owner wants to do.
I might find it a little harder to crack your password, if you're one of the ones that are proactive. But Going Here if you're one of those ones, I might just get you.
Move your wp-config.php file one directory up from the WordPress root. WordPress will look for it Your Domain Name if it cannot be found in the root directory. Also, nobody else will be able to read the file unless they have SSH or FTP access.
Install the WordPress Firewall Plugin. This plugin investigates web requests with WordPress-specific heuristics that are simple to identify and stop attacks.
Do your homework and some searching, but if you're pressed for time and need to get this try out the WordPress pop over to this site security plugin that I use. It is a relief to know that my site (and business!) are secure.