From a security stand point
yes, it's probably very wise to place the site into maintenance mode to analyze the damage. If it was strictly just defaced and you knew exactly how it happened, then the hosting company could really care less as to how your website looks to the public, but considering that the site was breached, without analyzing that breach in detail, it's very difficult to tell and assume that there isn't anything malicious going on.
That said, while the site may be down, you should still have access to it from an administrative point of view i.e. there should be a way for you to analyze and recover your files. Unless the hosting company believes that there is active, malicious activity on your server that could spread, you should have access to all of your files.
While hosting companies can often check logs and aid a little bit with the investigation, it mostly falls on you. Now, good hosting companies keep daily back-ups of your site, however if this is a shared hosting company, there's a good chance you're out of luck in that department, because it wouldn't be feasible for them to maintain back-ups for all their shared users unless they charged more for it.
Depending on what kind of system you're running on your site, the best way to resolve this is to reinstall the content management system/framework you are using, back-up all of your data from the old database, and then import it into the fresh installation.
Lastly, if you had user accounts on the site, it might not be a bad idea to have everyone change their password, just as a precaution.
As a side note for the future, a product I like is OSSEC. I use it monitor all of my websites for activity, specifically, file changes. It reports them in real-time and allows me to see what's happening. While I do have daily, weekly and monthly back-ups, if only one file changed, I would be able to revert back to it without having to restore the entire website.
Was this reply helpful? (1) (0)