Thanks Alexandra!
Basically, yes, this is correct.
Also very correct. However the other hacks are likely injection attacks to the db, or cross site scripting, code injecting, plugin vulnerability attack, or simply phishing/social engineering... which ended up causing these other unusual site behaviors.
The general behavior of a successful denial of service attack is simply for the site to not be able to respond and cause various timeouts, unloaded pages, slow loading pages, forbidden or not found requests, etc....
My guess is that the site provider has relatively weak router perimeter security (in general) and little to no DDoS mitigation plan or services in place (which allowed for an easy DDoS attack). They also likely phished for data to get admin logins, or found a plugin vulnerability, or a security hole allowing for code or db injection.