Well it's not really true that everything can be hacked. Of course your "system" security is not only encryption of data transfers, but your server setup, gateway, firewall, browser and bunch of other things depends on the system.
But these are usually pretty well done. It's not the weak encryption of data which usually fails. It's human who usually fails. Let's take Kevin Mitnick for instance. He is considered the most famous hacker in the world. There are books and movies about his life. Even such a guy as Kevin wasn't always able to crack/hack things in let's call it "digital way". He was doing more personal tricks. He talked to lady who was working in some company to get some information in a tricky way etc. So hacking is much more than fighting with encryption, scanning ports, sniffing network etc.
I am not an expert in security but as I am aware there is still no super computer in the world which can break 8-character UTF password encrypted with some one-way encryption like SHA1 during average man's lifetime. So there is no way to actually crack encrypted data, but there are ways to by-pass encryption.
What is usually enough to sleep stressless is SSL + params salted encryption with API-KEY. Companies from around the world use it by default for their webshops etc. This is a standard which is simply enough for e-commerce so I am sure it is enough for indie game industry as well. Just don't leave your data transfers plain text and you're quite fine .