You are also compromising security if you don't trust a 3rd party. Not everyone is talented enough to secure a server properly. There must be a balance between these two things. It's not just "3rd party is all wrong, don't trust them".
And who's to say the 3rd party is any better at securing their servers? You just don't know.
The only time you can actually be demonstrably more secure by using a 3rd party is if the 3rd party provides an SLA (Service Level Agreement) that you can legally enforce in your jurisdiction wherein they agree to become liable for your losses if they screw up, only then is the risk transferred and you don't need to know if they have security flaws.