Hacker problem

As long as you have a good, strong password, there’s no danger in the userid being used by your admin user being known.

Since you did not publish a link to your site, I can’t see how it might be exposed, but it’s not a threat. There’s no need to change it.

Moved to Fixing WordPress, this is not an Everything else WordPress topic.

That happened several times in the past year and every time I am forced to change that name immediately after I detected that issue.

Changing the names does not accomplish anything at all and is a game of whack-a-mole. It is not a good use of anyone’s time.

How can hackers find out the administrators login name?

Many ways and none of it matters. User names for example like jan, jdembowski, jan_dembowski, coffee_monkee etc. have zero security. They are not supposed to.

Like Steve wrote it is the strong passwords like j83eKAYvg.^]tq2/a3_\8s=*ApVB or =.#"VM%cQ?83G*-u2y'2x#&{aor even \Ws$PzTbEqD3d@b-aKE2,BygrqHHGHhu,3A{!n>- that make your accounts secure.

A password manager such as LastPass or 1Password can assist you with that. For even more security you can add two factor authentication such as a time based code or a Yubikey.

https://wordpress.org/support/article/two-step-authentication/

On WordPress I use this plugin for that.

https://wordpress.org/plugins/two-factor/

That plugin supports time based codes as well as hardware tokens such as YubiKey.

https://en.wikipedia.org/wiki/YubiKey

Using 2FA is not trivial and if you do activate it make sure you understand the implications of losing your token or YubiKey.

There are a number of ways, from cycling through authors to using JSON, to just examining post meta. As you have not published a link, I can’t see which might be usable. You can google this.