How do popular websites get hacked?Here some general steps :
1-Gathering informations about the website , in the step the hacker need to get as much information as he can about the website , like : the running server , the ip adresse of the server , the websites on the same server , admins email ... and everything that can help, Google is the best friend for this step but still there are other tools and search Engine who help.
2- scanning the target : here the hacker need to scanne the website for vulnerabilities , crowling , scanning the server for open ports and service used , scanning website on the same server (if there are some ) and remember the hacker can hack a website on the same server to get the target website (Generally it quite easy once a website on the same server hacked to jump to the target website .
3- Exploitation : in this step the hacker use the informations gathered from step1 and 2 , he can use the email gathered for Social engineering , if he found vulnerabilities he just has to exploit them to get the needed information to access the private data on the website and access as an Admin , most of known and present vulnerabilities on nowadays are SQL Injection .
4-maintaining the access : once the hacker got into the target website with the desired privilege , he has to maintain the access (to not have to hack it another time), for this he can put a backdoor and connect to the server with the netcat tool when he want to .
That was a the steps on general points for helping you understanding the general idea , and note that Website hacking is most of time easy task for hackers comparing with other thing as system hacking and so on .
Sorry for my bad English (it's my third language )