It's not just the ISPs
Recently one of my servers was hacked as a phising site gathering account information of Bank of America clients. I was contacted by my ISP with a take down notice and promptly removed the offending phishing site. I then tried to contact Bank of America in order to let them know the names of the victims that were recorded in my server logs.
Three attempts to call BoA customer service - via the phone number listed on their website, several minutes of going round the automated response system, I eventually got hold of someone who would not help me as I was not a customer, finally he gave me an email address that has never replied.
BoA customers you should be nervous about the safeguards that are in place.
SG