It's also important to change your password and admin username if someone helps you and needs admin username and your password to login to do the job. Admin username and your password changes, after all of the work is finished. Someone in their company may not be, if the man is trustworthy. Better to be safe than sorry!
The how to fix hacked wordpress Codex has an outline of what permissions are acceptable. File and directory permissions can be changed through an FTP client or within the administrative page from the web host.
A simple way to maintain WordPress safe would be to use a few tools that are built-in. To begin with, don't allow people to list the files in your folders, run a web host security scan and automatically backup your whole web hosting account.
Maintain control of your assets - Nothing is worse than having your livelihood in someone else's hands. Why take chances with something as important as your site?
It's really sexy to fan the flames of fear. That is what journalists and bloggers and politicians and public figures do. It's anchor great for readership and it brings money into the war chests. Balderdash.
Change your password, or at least admin username and your WordPress password and collect and use other fantastic WordPress security tips to keep hackers out!