Bitcoin Attack Through WP Comments

Hello! We had originally installed the Akismet anti-spam plug-in, but had trouble installing the most recent update. Several fake spam comments were received that contained glowing reviews of our content. Then we received several threatening messages as comments. Among other things, the messages contained language like “Hey. Soon your hosting account and your domain * will be blocked forever, and you will receive tens of thousands of negative feedback from angry people.”. They wanted us to pay 0.5 bitcoins before 6/1/2019 to avoid having this happen. I ignored the request for payment and deleted the comments. I installed the Anti-Spam Bee plug-in since Akismet was having trouble. The new plug-in successfully identified spam comments, so I thought the situation was contained. As soon as the deadline for payment passed, we started receiving loads of spam in our personal email along with subscriptions to what looks like hundreds of WordPress blog newsletters. Since then, I have installed the Wordfence plug-in. I ran a scan and there doesn’t appear to be any malware present on our site. We have stopped receiving spam comments, but we still have lots of spam and WordPress newsletters coming into our personal email. I can’t tell the difference between a genuine WordPress newsletter that I can just “Unsubscribe” and a fake one that will continue delivering more spam. I would like to find out if our customer’s accounts have been compromised and also how to stop this massive flow of spam that has hit our personal email. Any help/advice would be greatly appreciated!

The page I need help with: [log in to see the link]