Security risks of "Software as a Service"

"Salesforce catastrophic bug reveals sensitive data of thousands of companies"
Not really, but how long will it take until this headline comes real? Software as a Service (SaaS) is growing in popularity, and many companies give their sensitive data to companies like Salesforce or Microsoft. How trustable are the companies which are collecting those data? And how secure is their Software?

Wikipedia article about Software as a service
Salesforce.com and the debate over SaaS security, email confidentiality
Salesforce.com Acknowledges Data Loss