If you have an ASP.NET site, you might want to double check how the data access is coded. No matter whether you’ve enabled TDE, column level encryption, have strong firewalls or anything else, if you are vulnerable to SQL Injection, someone will get through.
Perhaps just for fun. Another massive attack took place recently. These attacks will get more automated, and if you are on a well known platform, then you might be vulnerable. Even if you are on custom software, it’s entirely possible a disgruntled employee or a kid engaging in vandalism might attack your site.
It’s not hard to stop SQL Injection. You just need to learn how and code securely.