It might be a SQL injection attacks that alters your data.
Here are some important suggestions to keep your site secure:
- Install SSL on your main server and if you are using CDNs make sure to serve the ssl from your server rather than CDN's ssl
- You can activate WAF (Web Application Firewall) to prevent layer-7 attacks like; XSS, SQL Injection, Cookie poisoning etc.
- Use a CDN that provide protection against DDoS
- Hide and secure your website admin panel with 2-step or IP based access
- Make sure your Coding & Design standards are up to date
- Up-to-date your application, plugins and server
- Keep regular backup of your data
You can also follow this guide on how to secure a website.