Right! A couple of years ago some (self-reported) Turkish hackers exploited a Wordpress vuln and took control of my hosting. All they did was change index.php into their own landing page telling everyone that I got owned, that Turkey is the best, and (from memory) an Islamic Nasheed playing in the background.
It took me a couple of minutes to get everything fixed, but I can only imagine what would have happened if they were more malicious and used it to serve malware or as part of a botnet attacking other sites.
It was still annoying, disruptive and unwanted, but it was so much easier to deal with than some more malicious hacks out there.
How do you know the defacement was not just a distraction of the NSA adding your machine to their bot net with some privilege escalation and root kit? Sorry :-)