The fix wordpress malware scanner Codex has an outline of what permissions are okay. Directory and file permissions can be changed either via an FTP client or within the administrative page from your hosting company.
Don't make the mistake of thinking that your hosting company will have your back as far as WordPress copies go. Not always. While they say my review here they do, it has been my experience that the hosting check over here company may or might not be doing proper backups. Take that kind of chance?
Recently, the blog of Reuters was hacked by an unknown hacker and published a news article that was fake. Their reputation is destroyed because of what the hacker did since Reuters is a popular news site. Something similar may happen to you in the event you don't pay attention.
You could also get an SSL Encyption Security to your WordPress blogs. The SSL Security makes encrypted and secure communications with your blog. You can keep the all of the cookies and history best site of communication so that all transactions are listed. Make sure all your sites get SSL security for utmost protection from hackers.
Change your WordPress admin and password username, or your password and collect and utilize other good WordPress security tips to keep hackers out!