And another big problem
As part of my daily work & research I often find hacked magento websites containing magecart and other malware.
I always send the store a personalised email warning them they have been hacked and letting them know of the severity. I.e. your customers bank details are being stolen from your website!!!!
I then send various follow up emails and even take the time to warn them via a "Live Chat" box if they have one.
I tell them i can provide FREE step by step removal instructions if they contact me back, i would estimate about 20% of stores reply, the other 80% are still infected several weeks later.
Honestly many of these store owners simply do not care, or bury their heads in the sand and hope the problem will go away.