When a Joomla website gets compromised, several things can happen, depending on the type of hack and the intention of the hacker. The compromised website can be filled with malicious scripts, has all its content removed, or being redirected to another website with malicious content.

The core reason why Joomla websites can become compromised is due to outdated software. If the Joomla software or any of its extensions/plugins are not updated regularly, it can leave vulnerabilities in the website that hackers can exploit.

It is important to note that failing to update Joomla regularly can lead to compatibility issues, site downtime, security vulnerabilities, and other problems that can impact the website's functionality and reputation. Therefore, it is recommended to always keep Joomla and its extensions/plugins up-to-date, and to regularly back up the website to ensure business continuity and data recovery in the event of an issue.

Other reasons can be weak password used for the Joomla administrator login, giving execute permissions on public directories, and poor coding practices.