I have just come across gravityscan.com which allows you to input a website URL and it scans it to see if the website has been hacked or has any security issues. It works with any website though works particularly well with WordPress, Magento, Joomla, Drupal and vBulletin (the website is from the makers of Wordfence, a WordPress security plugin). I have only tried a scan on this website, so I have little to go on for what issues it might find but it’s certainly worth a look.
Unfortunately we live in a world where someone is always trying to steal or disrupt the lives of others and security needs to be taken seriously, even if your website is simply a harmless blog about baking cakes. It is important to ensure the server where your website is hosted is always kept up to date with security patches and has good firewall/anti-virus or to choose a host that provides this service for you. It is always important to ensure you keep your website up to date if you use an out of the box CMS like WordPress, and that should include all plugins and third party software. If your website is bespoke, then try and keep the framework, if you use one, up to date (not as easy as clicking update in WordPress granted), and patch any bugs or vulnerabilities that you find. Upgrading the language your website uses, such as PHP, can also be a little trickier as this can cause incompatibilities but these can be minimised by keeping your website code/framework/CMS up to date.
Lastly, it always pays to keep up to date with the latest industry news, especially ones concerning security vulnerabilities. Ignorance is definitely not bliss in this case.