The wallet is NOT stored on the server, you cannot be compromised when the server gets hacked. You should delete the keys in the browser local storage though, when you do not intend to use this web wallet again.
EDIT: Only when the server publishes malicious code, and you continue to use this web wallet, you're in danger.