October 28, 2013

If you haven't logged into your website in a while, you will probably find that you need to apply some updates. The web is constantly changing and technology gets better and better daily. Programmers squash bugs, update their code to make things work better, and so on.

WordPress is the free software that roughly one third of all websites run on. It's very popular among site owners and developers like myself because it's simple and easy to use. It's also very scalable. Some of the largest sites in the world run on it, including the New York Times.

Because of its popularity, it's a nice target for hackers. It's quite the challenge for them to break in these days, which can be enjoyable for them, and as of version 3.7, it's become even more of a challenge.

If your server setup permits it, WordPress can now update itself with important security patches. All sites I've built for my customers, hosted on my servers, are update capable.

I get asked a lot, "Is WordPress secure?" The truth is, nothing is absolutely secure. Security isn't black and white. There are only degrees of security, and the degree to which something is secure depends largely on how proactive you are in keeping it that way.

Automatic WordPress updates help you stay proactive in securing your site, but they don't totally secure it.

To keep your site safe from hackers, you'll need to continue logging in and updating your plugins, and you will want to check your site periodically to determine whether it has any malware injected into it. UnmaskParasites.com is a great tool for finding bad code on a compromised site.

In fact, if you happen to have malicious code injected into your site somewhere, an automatic update doesn't necessarily handle it. It can perpetuate it. There are cases of this already being reported by some WordPress users.

Log in and apply your updates. Check for injected malware. Back up your site too, if you aren't already. Sometimes all your efforts will fail and that kid in Iran will break into your site and deface it. A backup is a godsend to help get everything back to normal quickly, right after you change your password to something a little harder to crack than "password" or "12345".

