Your credit card info is safe. Kickstarter doesn't handle that part, instead leaving it to Amazon. Anyone who might have gained access to your account shouldn't be able to pledge for anything. You should be worried about your password though. They used SHA-1 encryption, which I believe was already compromised before this. They changed the encryption type afterwards, so at least things should be better now.
Thats not strictly true - Kickstarters that aren't based in the US are not handled by Amazon, but by Kickstarter itself. That means, that kickstarter has partial records of credit cards stored.