Most modern web applications make use of JSON to pass data around. JSON hijacking, as its name suggests, is when a hacker accesses a JSON response from another site.

The motivation for a hacker to try and read a JSON response not meant for them is the fact that websites, usually, will contain a user's information that can personally identify someone in a JSON response. That's a gold mine for a would-be malicious user.