My hosting company of course says their server is secure and that site security is my responsibility. I use a very good paid security service to protect my WP installs.
genshop.org was the hacker as best I can determine. I suspect this person(s) chooses sites that are popular in Google to use as his targets. That way he will get more hits on his junk pages.
genshop.org is a totally closed site. No pages showing, the robots.txt file is protected from viewing by the .htaccess file. It is currently registered with Domains by Proxy (a godaddy subsidiary) and hosted on wild, wild west (another godaddy subsidiary).
Googling genshop.org yields some interesting info. Quite a few other people are and have been tracking this site.