That means nothing, and relying on one person telling you something is unsafe is an incredibly unsafe practice anyway. The source code for bitaddress on GitHub has not changed in years, but there is zero guarantee that the source code of the live website hasn't been changed. And since OP simply used the website (while online, no less, and with no guarantee he was actually on the legitimate website at all and not a malicious clone), there is no telling what code he was actually running.

Such is the beauty of such a scam. There are so many potential ways that OP could have lost his coins, that the real method the attacker used is unlikely to be discovered, making tracing him down impossible.

It is probably time the community stopped recommending such websites at all. Single key pair paper wallets come with many other risks and drawbacks that most newbies don't understand anyway. Far better to back up a seed phrase and the first couple of addresses, generated by a secure piece of airgapped wallet software.