Sites like these work using a complex net of security and data encryption. Encrypted data is essentially plaintext (ie. your password) which has then been distorted using a specific algorithm which can only be unlocked utilizing that same "key." This way, only you poses the "key" to your data and even if someone was able to get ahold of it through a security hole server side, they would (hopefully) be unable to break the encryption. But this doesn't always mean you're safe.
The aforementioned website LastPass once had quite the scare when they suspected that someone had breached their security and was able to obtain username and password combinations forcing many to go through the painful process of changing all of their password information.
Thankfully people remain critical of these sites. Jason Owens has a thoughtful investigation into whether Mint was safe to use (his answer ultimately being "both no and yes" and asks you to weigh the benefits with the risks.) So what does that mean? Is storing our sensitive data online simply a gamble? Do you like leaving your most personal information up to luck? We personally don't use any of these third-party services for this very reason. It just seems easier to keep everything local and sacrifice some efficiency for the sake of safety.
We're also curious if there will ever be a point when our data would be 100% safe in cyberspace. Or will there always be that inherent risk that we'll forever be gambling against?