I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
I back my blogs using a plugin WP DB Backup up. I can always restore my website if anything happens. I use WP Security Scan plugin to scan my site frequently and suspicious-looking requests to be blocked by WordPress Firewall to fix malware problems free.
If you're one of the proactive ones, I might find it somewhat harder my explanation to crack your password. But if you're one of the ones, I might get you.
Before you can delete the default admin account, you first must create a new user. To do this go to your WordPress Dashboard and click on User -> Create New User. Enter all the information you will need to enter.
Black and whitelists pathological-looking phrases based on which field they appear within. (unknown/numeric parameters vs. known article bodies, comment bodies, etc.).
Implementing all of the above will take less than an hour to complete, while creating your WordPress site more resistant to intrusions. Websites were this past year, mainly due to easily preventable security gaps. Have yourself prepared and you are likely to be on the safe side.