Few things to keep in mind, this is a massive website.
They run ads, so they for sure have some cash rolling in, and with traffic like that, unless they are using google adsense or some other obscure ad provider, they are probably doing pretty well.
They need to:
1. Make sure their software is up to date. This is probably how this all started. They were literally using a version of their forum software from early 2014. Almost every forum company offers free security updates to users with a valid license of their product, so they clearly just were not doing it. There have been multiple public announcements of bugs in the version they were using and those after it.
2. Pay for a 3rd party service like Incapsula that has a firewall, and malware protection. For what they need it is going to be $200/$300 a month, which is a small price to pay considering what just happened.
3. Hire a server admin with a focus on security.
No security is obviously 100% bulletproof, but this was probably as easy as googling an exploit for the older version that CAG had displayed (for some reason) at the bottom of their forum, and following directions.