There's really not any problem with hosting servers at a cloud provider that isn't shady. Encrypt the data on the drive, use a reasonable firewall policy, then all you have to be concerned about is application layer breaches.
Trust me, lots of payment data goes through secure servers at Rackspace.
I get what you're saying, but my point is this: This hack happened because Bitcoinica doesn't own the bare metal servers on which the money is hosted. The break in was possible because somebody abused Rackspace's password reset functionality. The last time Bitcoinica got owned, it was because somebody managed to exploit Linode's customer service portal. To me this trend would strongly suggest the need to outright own the production hardware so that attackers have to attack you directly or physically break in to your data centre.
Trust me, lots of payment data goes through secure servers at Rackspace.
/Not a rackspace employee, but I know